Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Titlelibgd2 security update
Informations
NameDSA-3777First vendor Publication2017-01-31
VendorDebianLast vendor Modification2017-01-31
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

For the stable distribution (jessie), these problems have been fixed in version 2.1.0-5+deb8u9.

For the testing distribution (stretch) and the unstable distribution (sid), these problems have been fixed in version 2.2.4-1.

We recommend that you upgrade your libgd2 packages.

Original Source

Url : http://www.debian.org/security/2017/dsa-3777

CWE : Common Weakness Enumeration

%idName
33 %CWE-20Improper Input Validation
17 %CWE-415Double Free
17 %CWE-191Integer Underflow (Wrap or Wraparound)
17 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)
17 %CWE-125Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7

Nessus® Vulnerability Scanner

DateDescription
2018-05-01Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-120-01.nasl - Type : ACT_GATHER_INFO
2017-12-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1301.nasl - Type : ACT_GATHER_INFO
2017-12-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1302.nasl - Type : ACT_GATHER_INFO
2017-11-20Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-3221.nasl - Type : ACT_GATHER_INFO
2017-11-16Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-3221.nasl - Type : ACT_GATHER_INFO
2017-11-16Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20171115_php_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-11-16Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-3221.nasl - Type : ACT_GATHER_INFO
2017-11-15Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-3221.nasl - Type : ACT_GATHER_INFO
2017-09-19Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2522-1.nasl - Type : ACT_GATHER_INFO
2017-07-19Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-199-02.nasl - Type : ACT_GATHER_INFO
2017-06-26Name : The Tenable SecurityCenter application on the remote host contains a PHP libr...
File : securitycenter_php_5_6_30.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1045.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-808.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-812.nasl - Type : ACT_GATHER_INFO
2017-03-14Name : The remote Fedora host is missing a security update.
File : fedora_2017-9a5b89363f.nasl - Type : ACT_GATHER_INFO
2017-03-14Name : An application installed on the remote host is affected by multiple vulnerabi...
File : securitycenter_5_4_3_tns_2017_04.nasl - Type : ACT_GATHER_INFO
2017-03-07Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-304.nasl - Type : ACT_GATHER_INFO
2017-03-01Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3213-1.nasl - Type : ACT_GATHER_INFO
2017-02-28Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0568-1.nasl - Type : ACT_GATHER_INFO
2017-02-24Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-289.nasl - Type : ACT_GATHER_INFO
2017-02-16Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0468-1.nasl - Type : ACT_GATHER_INFO
2017-02-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-f787c35494.nasl - Type : ACT_GATHER_INFO
2017-02-15Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0459-1.nasl - Type : ACT_GATHER_INFO
2017-02-13Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-041-03.nasl - Type : ACT_GATHER_INFO
2017-02-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3777.nasl - Type : ACT_GATHER_INFO
2017-01-30Name : The remote Debian host is missing a security update.
File : debian_DLA-804.nasl - Type : ACT_GATHER_INFO
2017-01-24Name : The remote Fedora host is missing a security update.
File : fedora_2017-2717b02630.nasl - Type : ACT_GATHER_INFO
2017-01-24Name : The remote Fedora host is missing a security update.
File : fedora_2017-bab5698540.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2017-11-04 09:25:46
  • Multiple Updates
2017-02-02 13:25:45
  • Multiple Updates
2017-01-31 21:24:05
  • First insertion