exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2019-6977

Status Candidate

Overview

gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.

Related Files

Red Hat Security Advisory 2020-4659-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4659-01 - GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Issues addressed include buffer overflow, double free, and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-14553, CVE-2019-6977, CVE-2019-6978
MD5 | 23ba1ed2472532ded241658f96db2467
Red Hat Security Advisory 2019-3299-01
Posted Nov 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2016-10166, CVE-2018-20783, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640
MD5 | 0b3a743000a8d1ce9382590da63feba1
Red Hat Security Advisory 2019-2519-01
Posted Aug 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.

tags | advisory, web, denial of service, overflow, php, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022
MD5 | 78b5fcb3a3c8f8ee710500de6377153e
PHP 7.2 imagecolormatch() Out-Of-Band Heap Write
Posted Apr 9, 2019
Authored by Charles FOL

PHP version 7.2 suffers from an imagecolormatch() out-of-band heap write vulnerability.

tags | exploit, php
advisories | CVE-2019-6977
MD5 | 2d3f238d47fc9c55295cc1e13a14b238
Gentoo Linux Security Advisory 201903-18
Posted Mar 28, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-18 - Multiple vulnerabilities have been found in GD, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.5-r2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-1000222, CVE-2018-5711, CVE-2019-6977, CVE-2019-6978
MD5 | 7b4489f5e7760ed912dafd127c4f193f
Ubuntu Security Notice USN-3900-1
Posted Feb 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3900-1 - It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-6977
MD5 | 5465e69907c9e79e55b5186813ab2317
Debian Security Advisory 4384-1
Posted Feb 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4384-1 - Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-6977, CVE-2019-6978
MD5 | 2d023cb3c984583f2c891fe07f43d4ac
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    28 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close