Executive Summary
Summary | |
---|---|
Title | Updated gd packages fix several vulnerabilities |
Information | |||
---|---|---|---|
Name | MDKSA-2007:153 | First vendor Publication | 2007-08-03 |
Vendor | Mandriva | Last vendor Modification | 2007-08-03 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
GD versions prior to 2.0.35 have a number of bugs which potentially lead to denial of service and possibly other issues.
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified remote attack vectors and impact. (CVE-2007-3472)
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. (CVE-2007-3473)
Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 allow user-assisted remote attackers to have unspecified attack vectors and impact. (CVE-2007-3474)
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. (CVE-2007-3475)
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. (CVE-2007-3476)
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. (CVE-2007-3477)
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. (CVE-2007-3478)
The security issues related to GIF image handling (CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476) do not affect Corporate 3.0, as the version of GD included in these versions does not include GIF support.
Updated packages have been patched to prevent these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:153 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
25 % | CWE-399 | Resource Management Errors |
25 % | CWE-362 | Race Condition |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10348 | |||
Oval ID: | oval:org.mitre.oval:def:10348 | ||
Title: | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. | ||
Description: | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3476 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4, CentOS Linux 4, Oracle Linux 4, Red Hat Enterprise Linux 5, CentOS Linux 5, Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11067 | |||
Oval ID: | oval:org.mitre.oval:def:11067 | ||
Title: | Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. | ||
Description: | Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3472 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4, CentOS Linux 4, Oracle Linux 4, Red Hat Enterprise Linux 5, CentOS Linux 5, Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11806 | |||
Oval ID: | oval:org.mitre.oval:def:11806 | ||
Title: | The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. | ||
Description: | The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3473 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4, CentOS Linux 4, Oracle Linux 4, Red Hat Enterprise Linux 5, CentOS Linux 5, Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13910 | |||
Oval ID: | oval:org.mitre.oval:def:13910 | ||
Title: | USN-854-1 -- libgd2 vulnerabilities | ||
Description: | Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTS | ||
Family: | unix | Class: | patch |
Reference(s): | USN-854-1, CVE-2009-3546, CVE-2009-3293, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477 | Version: | 5 |
Platform(s): | Ubuntu 8.04, Ubuntu 8.10, Ubuntu 9.10, Ubuntu 6.06, Ubuntu 9.04 | Product(s): | libgd2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21803 | |||
Oval ID: | oval:org.mitre.oval:def:21803 | ||
Title: | ELSA-2008:0146: gd security update (Moderate) | ||
Description: | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0146-01, CVE-2006-4484, CVE-2007-0455, CVE-2007-2756, CVE-2007-3472, CVE-2007-3473, CVE-2007-3475, CVE-2007-3476 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | gd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9728 | |||
Oval ID: | oval:org.mitre.oval:def:9728 | ||
Title: | The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | ||
Description: | The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3475 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4, CentOS Linux 4, Oracle Linux 4, Red Hat Enterprise Linux 5, CentOS Linux 5, Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
OpenVAS Exploits
Date | Description |
---|---|
2009-11-23 | Name : Ubuntu USN-854-1 (libgd2) File : nvt/ubuntu_854_1.nasl |
2009-10-13 | Name : SLES10: Security update for gd File : nvt/sles10_gd.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015608.nasl |
2009-10-10 | Name : SLES9: Security update for gd File : nvt/sles9p5018750.nasl |
2009-04-09 | Name : Mandriva Update for gd MDKSA-2007:153 (gd) File : nvt/gb_mandriva_MDKSA_2007_153.nasl |
2009-04-09 | Name : Mandriva Update for tetex MDKSA-2007:164 (tetex) File : nvt/gb_mandriva_MDKSA_2007_164.nasl |
2009-03-06 | Name : RedHat Update for gd RHSA-2008:0146-01 File : nvt/gb_RHSA-2008_0146-01_gd.nasl |
2009-02-27 | Name : CentOS Update for gd CESA-2008:0146 centos4 i386 File : nvt/gb_CESA-2008_0146_gd_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for gd CESA-2008:0146 centos4 x86_64 File : nvt/gb_CESA-2008_0146_gd_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for gd FEDORA-2007-2055 File : nvt/gb_fedora_2007_2055_gd_fc7.nasl |
2009-02-27 | Name : Fedora Update for gd FEDORA-2007-692 File : nvt/gb_fedora_2007_692_gd_fc6.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-05 (gd) File : nvt/glsa_200708_05.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-34 (cstetex) File : nvt/glsa_200711_34.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-13 (ptex) File : nvt/glsa_200805_13.nasl |
2008-09-04 | Name : FreeBSD Ports: gd File : nvt/freebsd_gd0.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1613-1 (libgd2) File : nvt/deb_1613_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42062 | GD Graphics Library (libgd) Multiple Function Large Angle Degree Value DoS |
37745 | GD Graphics Library (libgd) gdImageCreateTrueColor Function Overflow |
37744 | GD Graphics Library (libgd) gdImageCreateXbm Function Unspecified DoS |
37743 | GD Graphics Library (libgd) GIF Reader Multiple Unspecified Issues |
37742 | GD Graphics Library (libgd) Malformed GIF Handling DoS |
37741 | GD Graphics Library (libgd) gd_gif_in.c Image Handling DoS |
37740 | GD Graphics Library (libgd) gdft.c gdImageStringFTEx (gdft_draw_bitmap) Race ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-05-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2018-120-01.nasl - Type : ACT_GATHER_INFO |
2015-10-29 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-604.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0146.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080228_gd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing a security update. File : fedora_2010-19033.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing a security update. File : fedora_2010-19022.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-854-1.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11666.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11578.nasl - Type : ACT_GATHER_INFO |
2008-07-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1613.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0146.nasl - Type : ACT_GATHER_INFO |
2008-02-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0146.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-3980.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gd-3895.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2055.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-3978.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-3979.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_gd-3896.nasl - Type : ACT_GATHER_INFO |
2007-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-692.nasl - Type : ACT_GATHER_INFO |
2007-08-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-164.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-153.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-05.nasl - Type : ACT_GATHER_INFO |
2007-07-01 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_6e09999725d811dc878b000c29c5647f.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:38:49 |
|