Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2016-6905

Published: 03/10/2016 Updated: 30/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) prior to 2.2.3 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA image.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

libgd libgd

opensuse opensuse 13.2

opensuse leap 42.1

Vendor Advisories

Debian Security Advisories: DSA-3619-1 libgd2 -- security update
Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library (application crash), or potentially to execute arbitrary code with the privileges of the user running the a ...
Red Hat: CVE-2016-6905
The read_image_tga function in gd_tgac in the GD Graphics Library (aka libgd) before 223 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image ...

References

CWE-125http://www.openwall.com/lists/oss-security/2016/08/23/1http://www.securityfocus.com/bid/91743http://lists.opensuse.org/opensuse-updates/2016-08/msg00121.htmlhttps://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03https://github.com/libgd/libgd/issues/248https://github.com/libgd/libgd/pull/251https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.htmlhttp://libgd.github.io/release-2.2.3.htmlhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-3619
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324path traversalCVE-2024-4743CVE-2024-5184TCPCVE-2024-27822code injectionCVE-2024-28995CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook