CVE-2016-6207medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
References
http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html
http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html
http://packetstormsecurity.com/files/138174/LibGD-2.2.2-Integer-Overflow-Denial-Of-Service.html
http://rhn.redhat.com/errata/RHSA-2016-2750.html
http://www.debian.org/security/2016/dsa-3630
http://www.securityfocus.com/archive/1/539100/100/0/threaded
http://www.securityfocus.com/bid/92080
http://www.securitytracker.com/id/1036535
http://www.ubuntu.com/usn/USN-3060-1
https://bugs.php.net/bug.php?id=72558
https://libgd.github.io/release-2.2.3.html
Details
Source: MITRE
Published: 2016-08-12
Updated: 2018-10-30
Type: CWE-119
Risk Information
CVSS v2
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
CVSS v3
Base Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 2.8
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:* versions up to 2.2.2 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 98855 | PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy) | Web Application Scanning | Component Vulnerability | critical |
| 98814 | PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy) | Web Application Scanning | Component Vulnerability | critical |
| 119981 | SUSE SLES12 Security Update : php7 (SUSE-SU-2016:2460-1) | Nessus | SuSE Local Security Checks | critical |
| 119979 | SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2408-1) | Nessus | SuSE Local Security Checks | critical |
| 95524 | GLSA-201612-09 : GD: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 93872 | Fedora 23 : gd (2016-0de0e0ee0c) | Nessus | Fedora Local Security Checks | medium |
| 93856 | openSUSE Security Update : php5 (openSUSE-2016-1156) | Nessus | SuSE Local Security Checks | critical |
| 93701 | openSUSE Security Update : gd (openSUSE-2016-1108) | Nessus | SuSE Local Security Checks | critical |
| 93506 | SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2016:2303-1) | Nessus | SuSE Local Security Checks | critical |
| 93063 | openSUSE Security Update : gd (openSUSE-2016-1003) | Nessus | SuSE Local Security Checks | high |
| 92982 | openSUSE Security Update : php5 (openSUSE-2016-985) | Nessus | SuSE Local Security Checks | critical |
| 92869 | Ubuntu 14.04 LTS / 16.04 LTS : libgd2 vulnerabilities (USN-3060-1) | Nessus | Ubuntu Local Security Checks | medium |
| 9460 | PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 92740 | FreeBSD : gd -- multiple vulnerabilities (556d2286-5a51-11e6-a6c3-14dae9d210b8) | Nessus | FreeBSD Local Security Checks | high |
| 92572 | Debian DSA-3630-1 : libgd2 - security update | Nessus | Debian Local Security Checks | medium |
| 92556 | PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy) | Nessus | CGI abuses | critical |
| 92555 | PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy) | Nessus | CGI abuses | critical |
| 92554 | PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy) | Nessus | CGI abuses | critical |
| 92532 | Fedora 24 : gd (2016-615f3bf06e) | Nessus | Fedora Local Security Checks | high |
| 92499 | Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2016-203-02) (httpoxy) | Nessus | Slackware Local Security Checks | high |