CVE-2016-6128

Synopsis Moderate: rh-php56 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rh-php56, rh-php56-php, and rh-php56-php-pear is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Mo ...

The GD library could be made to crash or run programs if it processed a specially crafted image file ...

Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library (application crash), or potentially to execute arbitrary code with the privileges of the user running the a ...

Debian Bug report logs - #829062 libgd2: CVE-2016-6128: Invalid color index is not properly handled leading to denial of service Package: src:libgd2; Maintainer for src:libgd2 is GD Team <team+gd@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 30 Jun 2016 07:39:01 UTC Severity: i ...

Debian Bug report logs - #829694 libgd2: CVE-2016-6132: read out-of-bands was found in the parsing of TGA files Package: libgd2; Maintainer for libgd2 is GD Team <team+gd@trackerdebianorg>; Reported by: Hugo Lefeuvre <hle@debianorg> Date: Tue, 5 Jul 2016 12:24:01 UTC Severity: important Tags: security, upstream ...

Debian Bug report logs - #829014 libgd2: CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow Package: src:libgd2; Maintainer for src:libgd2 is GD Team <team+gd@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 29 Jun 2016 19:15:02 UTC Severity: important T ...

It was found that libgd did not properly handle invalid color indexes in GD files An attacker who could submit a crafted GD file for conversion could cause applications using libgd to crash, leading to denial of service ...