CVE-2016-6128
published 2016-08-07CVE-2016-6128: The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to…
PriorityP334high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
6.80%
93.2th percentile
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | libgd2 | < libgd2 2.2.2-29-g3c2b605-1 (bookworm) | libgd2 2.2.2-29-g3c2b605-1 (bookworm) |
| libgd | libgd | <= 2.2.2 | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.6HIGH
vendor_ubuntu7.6HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
GD library vulnerabilities
vendor_ubuntu·2016-07-11·CVSS 7.6
CVE-2013-7456 [HIGH] GD library vulnerabilities
Title: GD library vulnerabilities
Summary: The GD library could be made to crash or run programs if it processed a
specially crafted image file.
It was discovered that the GD library incorrectly handled memory when using
gdImageScaleTwoPass(). A remote attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2013-7456)
It was discovered that the GD library incorrectly handled certain malformed
XBM images. If a user or automated system were tricked into processing a
specially crafted XBM image, an attacker could cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04
LTS. (CVE-2016-5116)
It was discovered that the GD library incorrectly handled memory when using
_gd2GetHeader(). A rem
Red Hat
gd: Invalid color index not properly handled
vendor_redhat·2016-06-27·CVSS 7.5
CVE-2016-6128 [HIGH] CWE-20 gd: Invalid color index not properly handled
gd: Invalid color index not properly handled
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
It was found that libgd did not properly handle invalid color indexes in GD files. An attacker who could submit a crafted GD file for conversion could cause applications using libgd to crash, leading to denial of service.
Statement: Red Hat Product Security has rated this issue as having Low security
impact. This issue is not currently planned to be addressed in future
updates. For additional information, refer to the Issue Severity
Classification: https://access.redhat.com/security/updates/classification/.
Package:
Debian
CVE-2016-6128: libgd2 - The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka l...
vendor_debian·2016·CVSS 7.5
CVE-2016-6128 [HIGH] CVE-2016-6128: libgd2 - The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka l...
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
Scope: local
bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1)
bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1)
forky: resolved (fixed in 2.2.2-29-g3c2b605-1)
sid: resolved (fixed in 2.2.2-29-g3c2b605-1)
trixie: resolved (fixed in 2.2.2-29-g3c2b605-1)
GHSA
GHSA-x3xg-pxf8-v7j9: The gdImageCropThreshold function in gd_crop
ghsa_unreviewed·2022-05-13
CVE-2016-6128 [HIGH] CWE-20 GHSA-x3xg-pxf8-v7j9: The gdImageCropThreshold function in gd_crop
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
OSV
CVE-2016-6128: The gdImageCropThreshold function in gd_crop
osv·2016-08-07·CVSS 7.5
CVE-2016-6128 [HIGH] CVE-2016-6128: The gdImageCropThreshold function in gd_crop
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
OSV
libgd2 vulnerabilities
osv·2016-07-11·CVSS 7.6
CVE-2013-7456 [HIGH] libgd2 vulnerabilities
libgd2 vulnerabilities
It was discovered that the GD library incorrectly handled memory when using
gdImageScaleTwoPass(). A remote attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2013-7456)
It was discovered that the GD library incorrectly handled certain malformed
XBM images. If a user or automated system were tricked into processing a
specially crafted XBM image, an attacker could cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04
LTS. (CVE-2016-5116)
It was discovered that the GD library incorrectly handled memory when using
_gd2GetHeader(). A remote attacker could possibly use this issue to cause a
denial of service or possibly execute arbitrary code. (CVE-2016-5766)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-6128 php: gd: Invalid color index not properly handled [fedora-all]
bugzilla·2016-08-25·CVSS 7.5
CVE-2016-6128 [HIGH] CVE-2016-6128 php: gd: Invalid color index not properly handled [fedora-all]
CVE-2016-6128 php: gd: Invalid color index not properly handled [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of F
Bugzilla
CVE-2016-6128 gd: Invalid color index not properly handled
bugzilla·2016-06-30·CVSS 7.5
CVE-2016-6128 [HIGH] CVE-2016-6128 gd: Invalid color index not properly handled
CVE-2016-6128 gd: Invalid color index not properly handled
It was found that libgd did not properly handle invalid color index, which could lead to a denial of service against applications using the libgd library.
Upstream patches:
https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
CVE assignment:
http://seclists.org/oss-sec/2016/q2/627
Discussion:
Created gd tracking bugs for this issue:
Affects: fedora-all [bug 1351604]
---
The functionality affected by this flaw was introduced after gd-2.0.35, which is the latest version packaged in RHEL.
---
The impact of this flaw is limited by gd_security.c: specifying an out of
range colour will cause out-of-bounds reads in gdImageCropThreshold, which can
lead to an a
Bugzilla
CVE-2016-6128 gd: Invalid color index not properly handled [fedora-all]
bugzilla·2016-06-30·CVSS 7.5
CVE-2016-6128 [HIGH] CVE-2016-6128 gd: Invalid color index not properly handled [fedora-all]
CVE-2016-6128 gd: Invalid color index not properly handled [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora
http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2016-09/msg00078.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2750.htmlhttp://www.debian.org/security/2016/dsa-3619http://www.openwall.com/lists/oss-security/2016/06/30/1http://www.securityfocus.com/bid/91509http://www.securitytracker.com/id/1036276http://www.ubuntu.com/usn/USN-3030-1https://bugs.php.net/72494https://github.com/libgd/libgd/commit/1ccfe21e14c4d18336f9da8515cd17db88c3de61https://github.com/libgd/libgd/commit/6ff72ae40c7c20ece939afb362d98cc37f4a1c96https://libgd.github.io/release-2.2.3.htmlhttps://security.gentoo.org/glsa/201612-09http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2016-09/msg00078.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2750.htmlhttp://www.debian.org/security/2016/dsa-3619http://www.openwall.com/lists/oss-security/2016/06/30/1http://www.securityfocus.com/bid/91509http://www.securitytracker.com/id/1036276http://www.ubuntu.com/usn/USN-3030-1https://bugs.php.net/72494https://github.com/libgd/libgd/commit/1ccfe21e14c4d18336f9da8515cd17db88c3de61https://github.com/libgd/libgd/commit/6ff72ae40c7c20ece939afb362d98cc37f4a1c96https://libgd.github.io/release-2.2.3.htmlhttps://security.gentoo.org/glsa/201612-09
2016-08-07
Published