Shodan
Vulnerabilities
Vulnerable Software
Libgd:  >> Libgd  >> 2.2.1  Security Vulnerabilities
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
CVSS Score
9.8
EPSS Score
0.009
Published
2017-01-26
CVE-2016-9317
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
CVSS Score
5.5
EPSS Score
0.011
Published
2017-01-26
CVE-2016-8670
Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
CVSS Score
9.8
EPSS Score
0.017
Published
2017-01-04
CVE-2016-9933
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
CVSS Score
7.5
EPSS Score
0.053
Published
2017-01-04
CVE-2016-6905
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
CVSS Score
6.5
EPSS Score
0.011
Published
2016-10-03
CVE-2016-7568
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
CVSS Score
9.8
EPSS Score
0.011
Published
2016-09-28
CVE-2016-6214
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVSS Score
6.5
EPSS Score
0.094
Published
2016-08-12
CVE-2016-6207
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.05
Published
2016-08-12
CVE-2016-6161
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
CVSS Score
6.5
EPSS Score
0.004
Published
2016-08-12
CVE-2016-6132
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVSS Score
6.5
EPSS Score
0.021
Published
2016-08-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved