[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] gd: Double free in src/gd_bump.c:gdImageBmpPtr() via crafted JPEG (CVE-2018-1000222)

ID: oval:org.secpod.oval:def:1801186Date: (C)2018-10-05   (M)2023-11-10
Class: PATCHFamily: unix




Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.

Platform:
Alpine Linux 3.6
Product:
gd
Reference:
9501
CVE-2018-1000222
CVE    1
CVE-2018-1000222
CPE    2
cpe:/o:alpinelinux:alpine_linux:3.6
cpe:/a:libgd:gd

© SecPod Technologies