Debian Libgd2 vulnerabilities

57 known vulnerabilities affecting debian/libgd2.

Total CVEs: 57
CISA KEV: 0
Public exploits: 7
Exploited in wild: 0
Severity breakdown: CRITICAL 9, HIGH 11, MEDIUM 18, LOW 19

Vulnerabilities

Page 2 of 3
CVE-2016-10168 | HIGH | CVSS 7.8 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-10168 [HIGH] libgd2: Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. Scope: local. bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fixed in 2.2.4-1); t

CVE-2016-5767 | HIGH | CVSS 8.8 | fixed in libgd2 2.0.34~rc1-1 (bookworm) | 2016
CVE-2016-5767 [HIGH] libgd2: Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. Scope: l

CVE-2016-6128 | HIGH | CVSS 7.5 | fixed in libgd2 2.2.2-29-g3c2b605-1 (bookworm) | 2016
CVE-2016-6128 [HIGH] libgd2: The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. Scope: local. bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1); bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1); forky: resolved (fixed in 2.

CVE-2016-10167 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-10167 [MEDIUM] libgd2: The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. Scope: local. bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fixed in 2.2.4-1); trixie: re

CVE-2016-9317 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-9317 [MEDIUM] libgd2: The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. Scope: local. bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fixed in 2.2.4-1); trixie: resolved (fixed in 2.2.4-1)

CVE-2016-6906 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-6906 [MEDIUM] libgd2: The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer. Scope: local. bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fix

CVE-2016-6161 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.1-1 (bookworm) | 2016
CVE-2016-6161 [MEDIUM] libgd2: The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. Scope: local. bookworm: resolved (fixed in 2.2.1-1); bullseye: resolved (fixed in 2.2.1-1); forky: resolved (fixed in 2.2.1-1); sid: resolved (fixed in 2.2.1-1); trixie: resolved (fixed in 2.2.1-1)

CVE-2016-6207 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.2-43-g22cba39-1 (bookworm) | 2016
CVE-2016-6207 [MEDIUM] libgd2: Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. Scope: local. bookworm: resolved (fixed in 2.2.2-43-g22cba39-1); bullseye: resolved (fixed in 2.2.2-43-g22cba39-1); fo

CVE-2016-6911 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.3-87-gd0fec80-2 (bookworm) | 2016
CVE-2016-6911 [MEDIUM] libgd2: The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. Scope: local. bookworm: resolved (fixed in 2.2.3-87-gd0fec80-2); bullseye: resolved (fixed in 2.2.3-87-gd0fec80-2); forky: resolved (fixed in 2.2.3-87-gd0fec80-2); sid: resolved (fixed in 2.2.3-

CVE-2016-6214 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.2-29-g3c2b605-1 (bookworm) | 2016
CVE-2016-6214 [MEDIUM] libgd2: gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. Scope: local. bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1); bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1); forky: resolved (fixed in 2.2.2-29-g3c2b605-1); sid: resolved (fixed in 2.2.2-29-g3c2b605-1); trixi

CVE-2016-6132 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.2-29-g3c2b605-1 (bookworm) | 2016
CVE-2016-6132 [MEDIUM] libgd2: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. Scope: local. bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1); bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1); forky: resolved (fixed in 2.2.2-29-g3c2b605-1); sid: resolved (fixed i

CVE-2016-6905 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.2-29-g3c2b605-1 (bookworm) | 2016
CVE-2016-6905 [MEDIUM] libgd2: The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image. Scope: local. bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1); bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1); forky: resolved (fixed in 2.2.2-29-g3c2b605-1); sid: resolved (fix

CVE-2016-7127 | LOW | CVSS 9.8 | 2016
CVE-2016-7127 [CRITICAL] libgd2: The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments. Scope: local. bookworm: resolved; bullseye: resolve

CVE-2016-7126 | LOW | CVSS 9.8 | 2016
CVE-2016-7126 [CRITICAL] libgd2: The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument. Scope: local. bookworm: r

CVE-2015-8877 | HIGH | CVSS 7.5 | fixed in libgd2 2.2.1-1 (bookworm) | 2015
CVE-2015-8877 [HIGH] libgd2: The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. Scope: local. bookworm: reso

CVE-2015-8874 | HIGH | CVSS 7.5 | fixed in libgd2 2.2.1-1 (bookworm) | 2015
CVE-2015-8874 [HIGH] libgd2: Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. Scope: local. bookworm: resolved (fixed in 2.2.1-1); bullseye: resolved (fixed in 2.2.1-1); forky: resolved (fixed in 2.2.1-1); sid: resolved (fixed in 2.2.1-1); trixie: resolved (fixed in 2.2.1-1)

CVE-2014-9709 | MEDIUM | CVSS 5.0 | fixed in libgd2 2.1.0-5 (bookworm) | 2014
CVE-2014-9709 [MEDIUM] libgd2: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. Scope: local. bookworm: resolved (fixed in 2.1.0-5); bullseye: resolved (

CVE-2014-2497 | LOW | CVSS 4.3 | fixed in libgd2 2.1.0-4 (bookworm) | 2014
CVE-2014-2497 [MEDIUM] libgd2: The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. Scope: local. bookworm: resolved (fixed in 2.1.0-4); bullseye: resolved (fixed in 2.1.0-4); forky: resolved (fixed in 2.1.0-4); sid: resolv

CVE-2014-5120 | LOW | CVSS 6.4 | 2014
CVE-2014-5120 [MEDIUM] libgd2: gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. Scope: loca

CVE-2013-7456 | HIGH | CVSS 7.6 | fixed in libgd2 2.1.1-1 (bookworm) | 2013
CVE-2013-7456 [HIGH] libgd2: gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. Scope: local. bookworm: resolved (fixed in 2