Published: 07/09/2017 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Double free vulnerability in the gdImagePngPtr function in libgd2 prior to 2.2.5 allows remote malicious users to cause a denial of service via vectors related to a palette with no colors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libgd libgd 2.2.4
debian debian linux 8.0
debian debian linux 9.0
fedoraproject fedora 26
canonical ubuntu linux 16.04

GD library could be made to crash if it opened a specially crafted file ...

A double-free vulnerability was discovered in the gdImagePngPtr() function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a specially crafted file is processed For the oldstable distribution (jessie), this problem has been fixed in ve ...

Double free vulnerability in the gdImagePngPtr function in libgd2 before 225 allows remote attackers to cause a denial of service via vectors related to a palette with no colors ...

CWE-415 https://github.com/libgd/libgd/releases/tag/gd-2.2.5 https://github.com/libgd/libgd/issues/381 http://www.debian.org/security/2017/dsa-3961 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N2BLXX7KNRE7ZVQAKGTHHWS33CUCXVUP/https://nvd.nist.gov https://usn.ubuntu.com/3410-1/

CVE-2017-6362

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect