Executive Summary
Summary | |
---|---|
Title | gd security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0003 | First vendor Publication | 2010-01-04 |
Vendor | RedHat | Last vendor Modification | 2010-01-04 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated gd packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: The gd packages provide a graphics library used for the dynamic creation of images, such as PNG and JPEG. A missing input sanitization flaw, leading to a buffer overflow, was discovered in the gd library. A specially-crafted GD image file could cause an application using the gd library to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3546) Users of gd should upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 529213 - CVE-2009-3546 gd: insufficient input validation in _gdGetColors() |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0003.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13099 | |||
Oval ID: | oval:org.mitre.oval:def:13099 | ||
Title: | DSA-1936-1 libgd2 -- several | ||
Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0455 Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution. CVE-2009-3546 Tomas Hoger discovered a boundary error in the "_gdGetColors" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. For the oldstable distribution, these problems have been fixed in version 2.0.33-5.2etch2. For the stable distribution, these problems have been fixed in version 2.0.36~rc1~dfsg-3+lenny1. For the upcoming stable distribution and the unstable distribution ion, these problems have been fixed in version 2.0.36~rc1~dfsg-3.1. We recommend that you upgrade your libgd2 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1936-1 CVE-2007-0455 CVE-2009-3546 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22090 | |||
Oval ID: | oval:org.mitre.oval:def:22090 | ||
Title: | RHSA-2010:0003: gd security update (Moderate) | ||
Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0003-01 CESA-2010:0003 CVE-2009-3546 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22668 | |||
Oval ID: | oval:org.mitre.oval:def:22668 | ||
Title: | ELSA-2010:0003: gd security update (Moderate) | ||
Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0003-01 CVE-2009-3546 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8225 | |||
Oval ID: | oval:org.mitre.oval:def:8225 | ||
Title: | DSA-1936 libgd2 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution (etch). Tomas Hoger discovered a boundary error in the "_gdGetColors()" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1936 CVE-2007-0455 CVE-2009-3546 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-30 | Name : Fedora Update for gd FEDORA-2012-9298 File : nvt/gb_fedora_2012_9298_gd_fc17.nasl |
2012-07-03 | Name : Fedora Update for gd FEDORA-2012-9314 File : nvt/gb_fedora_2012_9314_gd_fc16.nasl |
2011-08-09 | Name : CentOS Update for gd CESA-2010:0003 centos5 i386 File : nvt/gb_CESA-2010_0003_gd_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2010:0040 centos5 i386 File : nvt/gb_CESA-2010_0040_php_centos5_i386.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-16 (gd) File : nvt/glsa_201006_16.nasl |
2010-03-02 | Name : Fedora Update for php FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_php_fc11.nasl |
2010-03-02 | Name : Fedora Update for maniadrive FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_maniadrive_fc11.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 x86_64 File : nvt/gb_CESA-2010_0040_php_centos4_x86_64.nasl |
2010-01-19 | Name : RedHat Update for php RHSA-2010:0040-01 File : nvt/gb_RHSA-2010_0040-01_php.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 i386 File : nvt/gb_CESA-2010_0040_php_centos4_i386.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 x86_64 File : nvt/gb_CESA-2010_0040_php_centos3_x86_64.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 i386 File : nvt/gb_CESA-2010_0040_php_centos3_i386.nasl |
2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 x86_64 File : nvt/gb_CESA-2010_0003_gd_centos4_x86_64.nasl |
2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 i386 File : nvt/gb_CESA-2010_0003_gd_centos4_i386.nasl |
2010-01-15 | Name : RedHat Update for gd RHSA-2010:0003-01 File : nvt/gb_RHSA-2010_0003-01_gd.nasl |
2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12017 (maniadrive) File : nvt/fcore_2009_12017.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:284-1 (gd) File : nvt/mdksa_2009_284_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:324 (php) File : nvt/mdksa_2009_324.nasl |
2009-11-23 | Name : Debian Security Advisory DSA 1936-1 (libgd2) File : nvt/deb_1936_1.nasl |
2009-11-23 | Name : Ubuntu USN-854-1 (libgd2) File : nvt/ubuntu_854_1.nasl |
2009-11-11 | Name : FreeBSD Ports: gd File : nvt/freebsd_gd1.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:284 (gd) File : nvt/mdksa_2009_284.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:285 (php) File : nvt/mdksa_2009_285.nasl |
2009-10-23 | Name : PHP '_gdGetColors()' Buffer Overflow Vulnerability File : nvt/gb_php_gdGetColors_bof_vuln.nasl |
2009-10-23 | Name : GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability (Linux) File : nvt/gb_gd_graphics_library_bof_vuln_lin.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59071 | PHP gd_gd.c _gdGetColors Function colorsTotal Structure Remote Overflow Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-05-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2018-120-01.nasl - Type : ACT_GATHER_INFO |
2015-10-29 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-604.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100113_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100104_gd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9314.nasl - Type : ACT_GATHER_INFO |
2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9298.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-0495.nasl - Type : ACT_GATHER_INFO |
2010-06-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201006-16.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1936.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2010-01-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-324.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-12017.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4e8344a3ca5211de8ee800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-854-1.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-284.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-285.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:53:09 |
|