gd: signedness vulnerability causing heap overflow (CVE-2016-3074)
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or
libgd2) allows remote attackers to
cause a denial of service (crash) or potentially execute arbitrary code
via crafted compressed gd2 data,
which triggers a heap-based buffer overflow.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3074
http://seclists.org/fulldisclosure/2016/Apr/72
Patch:
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19
(from redmine: issue id 5608, created on 2016-05-20, closed on 2016-06-23)
- Relations:
- child #5609 (closed)
- child #5610 (closed)
- child #5611 (closed)
- child #5612 (closed)
- child #5613 (closed)