CVE-2016-6906
published 2017-03-15CVE-2016-6906: The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds…
PriorityP420medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
EPSS
1.98%
78.0th percentile
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libgd2 | < libgd2 2.2.4-1 (bookworm) | libgd2 2.2.4-1 (bookworm) |
| libgd | libgd | <= 2.2.3 | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
vendor_debian5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
GD library vulnerabilities
vendor_ubuntu·2017-02-28·CVSS 9.8
CVE-2016-10166 [CRITICAL] GD library vulnerabilities
Title: GD library vulnerabilities
Summary: The GD library could be made to crash or run programs if it processed a
specially crafted image file.
Stefan Esser discovered that the GD library incorrectly handled memory when
processing certain images. If a user or automated system were tricked into
processing a specially crafted image, an attacker could cause a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10166)
It was discovered that the GD library incorrectly handled certain malformed
images. If a user or automated system were tricked into processing a
specially crafted image, an attacker could cause a denial of service.
(CVE-2016-10167)
It was discovered that the GD library incorrectly hand
Red Hat
gd: Out-of-bounds read in read_image_tga function
vendor_redhat·2016-08-16·CVSS 5.5
CVE-2016-6906 [MEDIUM] CWE-125 gd: Out-of-bounds read in read_image_tga function
gd: Out-of-bounds read in read_image_tga function
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Package: gd (Red Hat Enterprise Linux 5) - Not affected
Package: libwmf (Red Hat Enterprise Linux 5) - Not affected
Package: php (Red Hat Enterprise Linux 5) - Not affected
Package: php53 (Red Hat Enterprise Linux 5) - Not affected
Package: gd (Red Hat Enterprise Linux 6) - Not affected
Package: libwmf (Red Hat Enterprise Linux 6) - Not affected
Package: php (Red Hat Enterprise Linux 6) - Not affected
Package: gd (Red Hat Enterprise Linux 7) - Not affected
Package: libwmf (Red Hat Enterprise Linux 7) - Not a
Debian
CVE-2016-6906: libgd2 - The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) b...
vendor_debian·2016·CVSS 5.5
CVE-2016-6906 [MEDIUM] CVE-2016-6906: libgd2 - The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) b...
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Scope: local
bookworm: resolved (fixed in 2.2.4-1)
bullseye: resolved (fixed in 2.2.4-1)
forky: resolved (fixed in 2.2.4-1)
sid: resolved (fixed in 2.2.4-1)
trixie: resolved (fixed in 2.2.4-1)
GHSA
GHSA-x7r4-5mq3-7p72: The read_image_tga function in gd_tga
ghsa_unreviewed·2022-05-17
CVE-2016-6906 [MEDIUM] CWE-125 GHSA-x7r4-5mq3-7p72: The read_image_tga function in gd_tga
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
OSV
CVE-2016-6906: The read_image_tga function in gd_tga
osv·2017-03-15·CVSS 5.5
CVE-2016-6906 [MEDIUM] CVE-2016-6906: The read_image_tga function in gd_tga
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
OSV
libgd2 vulnerabilities
osv·2017-02-28·CVSS 9.8
CVE-2016-10166 [CRITICAL] libgd2 vulnerabilities
libgd2 vulnerabilities
Stefan Esser discovered that the GD library incorrectly handled memory when
processing certain images. If a user or automated system were tricked into
processing a specially crafted image, an attacker could cause a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10166)
It was discovered that the GD library incorrectly handled certain malformed
images. If a user or automated system were tricked into processing a
specially crafted image, an attacker could cause a denial of service.
(CVE-2016-10167)
It was discovered that the GD library incorrectly handled certain malformed
images. If a user or automated system were tricked into processing a
specially crafted image, an atta
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-6906 libwmf: gd: Out-of-bounds read in read_image_tga function [fedora-all]
bugzilla·2017-03-23·CVSS 5.5
CVE-2016-6906 [MEDIUM] CVE-2016-6906 libwmf: gd: Out-of-bounds read in read_image_tga function [fedora-all]
CVE-2016-6906 libwmf: gd: Out-of-bounds read in read_image_tga function [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versi
Bugzilla
CVE-2016-6906 gd: Out-of-bounds read in read_image_tga function
bugzilla·2017-03-23·CVSS 5.5
CVE-2016-6906 [MEDIUM] CVE-2016-6906 gd: Out-of-bounds read in read_image_tga function
CVE-2016-6906 gd: Out-of-bounds read in read_image_tga function
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Upstream patches:
https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558
https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415
References:
https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md
Discussion:
Created libwmf tracking bugs for this issue:
Affects: fedora-all [bug 1435317]
---
Created libwmf tracking bugs for this issue:
Affects: fedora-all [bug 1435317]
http://www.debian.org/security/2017/dsa-3777http://www.securityfocus.com/bid/96503https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.mdhttps://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415http://www.debian.org/security/2017/dsa-3777http://www.securityfocus.com/bid/96503https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.mdhttps://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415
2017-03-15
Published