what you don't know can hurt you

Register | Login

Home Files News Services About Contact Add New

Showing 1 - 5 of 5

CVE-2019-11038

Status Candidate

Overview

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

Related Files

Ubuntu Security Notice USN-4316-2: Posted Apr 3, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4316-2 - USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2018-14553, CVE-2019-11038; MD5 | 974fa84156e30a0a57445f492d8a5c44; Download | Favorite | View

Ubuntu Security Notice USN-4316-1: Posted Apr 3, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4316-1 - It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2018-14553, CVE-2019-11038; MD5 | b09ee9b58c468fb819c495efe5c9e3f1; Download | Favorite | View

Red Hat Security Advisory 2019-3299-01: Posted Nov 1, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2016-10166, CVE-2018-20783, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640; MD5 | 0b3a743000a8d1ce9382590da63feba1; Download | Favorite | View

Debian Security Advisory 4529-1: Posted Sep 23, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4529-1 - Multiple security issues were found in PHP, a widely-used open source extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.; tags | advisory, denial of service, php, info disclosure; systems | linux, debian; advisories | CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042; MD5 | f583acc45bad01ccf4ef3aeecb05cc02; Download | Favorite | View

Red Hat Security Advisory 2019-2519-01: Posted Aug 19, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.; tags | advisory, web, denial of service, overflow, php, vulnerability, xss; systems | linux, redhat; advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022; MD5 | 78b5fcb3a3c8f8ee710500de6377153e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 122 files
Ubuntu 47 files
malvuln 41 files
Google Security Research 9 files
Vulnerability Laboratory 7 files
LiquidWorm 6 files
Yvan Genuer 6 files
nu11secur1ty 6 files
twseptian 4 files
Ron Jost 4 files

File Tags

File Archives

Systems

AIX (423)
Apple (1,853)
BSD (368)
CentOS (55)
Cisco (1,909)
Debian (5,947)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,149)
HPUX (875)
iOS (310)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (41,373)
Mac OS X (682)
Mandriva (3,105)
NetBSD (255)
OpenBSD (476)
RedHat (10,981)
Slackware (941)
Solaris (1,601)
SUSE (1,444)
Ubuntu (7,592)
UNIX (9,014)
UnixWare (182)
Windows (6,263)
Other

packet storm

© 2020 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec