Download
| Alert*
oval:org.secpod.oval:def:1800269
CVE-2016-6906: The read_image_tga function in gd_tga.c in the GD Graphics Library before 2.2.4 allows remote attackers to cause a denial of service via a crafted TGA file, related to the decompression buffer. oval:org.secpod.oval:def:39117 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:2100675 Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. oval:org.secpod.oval:def:89044742 This update for gd fixes the following security issues: - CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have lead to crashes. - CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library allowed remote attackers to have unspe ... oval:org.secpod.oval:def:89044851 This update for gd fixes the following security issues: - CVE-2016-9317: The gdImageCreate function in the GD Graphics Library allowed remote attackers to cause a denial of service via an oversized image. - CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx could lead to libgd ... oval:org.secpod.oval:def:204703 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd to crash, leading to denial of service. * An intege ... oval:org.secpod.oval:def:111991 A library for reading and converting Windows MetaFile vector graphics . oval:org.secpod.oval:def:502193 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd to crash, leading to denial of service. * An intege ... oval:org.secpod.oval:def:1502060 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703490 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:112187 A library for reading and converting Windows MetaFile vector graphics . oval:org.secpod.oval:def:51732 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:602761 Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. oval:org.secpod.oval:def:1800347 CVE-2016-6906: The read_image_tga function in gd_tga.c in the GD Graphics Library before 2.2.4 allows remote attackers to cause a denial of service via a crafted TGA file, related to the decompression buffer. oval:org.secpod.oval:def:89044520 This update for php53 fixes the following security issues: - CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service - CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c in PHP allowed remote attackers to cause a d ... oval:org.secpod.oval:def:1600519 Integer overflow in gd_io.c in the GD Graphics Library before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. In all versions of PHP 7, during the unserialization process, resizing the "properties"; hash table ... oval:org.secpod.oval:def:39728 Integer overflow in gd_io.c in the GD Graphics Library before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0 ... oval:org.secpod.oval:def:504906 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php . Security Fix: * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * php: Use after free in wddx_dese ... |