CVE-2016-6207

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.

References

http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html

http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html

http://packetstormsecurity.com/files/138174/LibGD-2.2.2-Integer-Overflow-Denial-Of-Service.html

http://rhn.redhat.com/errata/RHSA-2016-2750.html

http://www.debian.org/security/2016/dsa-3630

http://www.securityfocus.com/archive/1/539100/100/0/threaded

http://www.securityfocus.com/bid/92080

http://www.securitytracker.com/id/1036535

http://www.ubuntu.com/usn/USN-3060-1

https://bugs.php.net/bug.php?id=72558

https://libgd.github.io/release-2.2.3.html

https://secunia.com/secunia_research/2016-9/

https://security.gentoo.org/glsa/201612-09

Details

Source: MITRE

Published: 2016-08-12

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:* versions up to 2.2.2 (inclusive)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
98855PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)Web Application ScanningComponent Vulnerability
critical
98814PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)Web Application ScanningComponent Vulnerability
critical
119981SUSE SLES12 Security Update : php7 (SUSE-SU-2016:2460-1)NessusSuSE Local Security Checks
critical
119979SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2408-1)NessusSuSE Local Security Checks
critical
95524GLSA-201612-09 : GD: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
93872Fedora 23 : gd (2016-0de0e0ee0c)NessusFedora Local Security Checks
medium
93856openSUSE Security Update : php5 (openSUSE-2016-1156)NessusSuSE Local Security Checks
critical
93701openSUSE Security Update : gd (openSUSE-2016-1108)NessusSuSE Local Security Checks
critical
93506SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2016:2303-1)NessusSuSE Local Security Checks
critical
93063openSUSE Security Update : gd (openSUSE-2016-1003)NessusSuSE Local Security Checks
high
92982openSUSE Security Update : php5 (openSUSE-2016-985)NessusSuSE Local Security Checks
critical
92869Ubuntu 14.04 LTS / 16.04 LTS : libgd2 vulnerabilities (USN-3060-1)NessusUbuntu Local Security Checks
medium
9460PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
92740FreeBSD : gd -- multiple vulnerabilities (556d2286-5a51-11e6-a6c3-14dae9d210b8)NessusFreeBSD Local Security Checks
high
92572Debian DSA-3630-1 : libgd2 - security updateNessusDebian Local Security Checks
medium
92556PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)NessusCGI abuses
critical
92555PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)NessusCGI abuses
critical
92554PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy)NessusCGI abuses
critical
92532Fedora 24 : gd (2016-615f3bf06e)NessusFedora Local Security Checks
high
92499Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2016-203-02) (httpoxy)NessusSlackware Local Security Checks
high