{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-18T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-03T09:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "[oss-security] 20170126 CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2017/01/26/1"}, {"name": "[oss-security] 20170128 Re: CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2017/01/28/6"}, {"name": "RHSA-2018:1296", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libgd.github.io/release-2.2.4.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/issues/354"}, {"name": "DSA-3777", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3777"}, {"name": "95869", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95869"}, {"name": "1037659", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037659"}, {"name": "RHSA-2017:3221", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3221"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2016-10168", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20170126 CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/01/26/1"}, {"name": "[oss-security] 20170128 Re: CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/01/28/6"}, {"name": "RHSA-2018:1296", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"name": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6"}, {"name": "http://libgd.github.io/release-2.2.4.html", "refsource": "CONFIRM", "url": "http://libgd.github.io/release-2.2.4.html"}, {"name": "https://github.com/libgd/libgd/issues/354", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/issues/354"}, {"name": "DSA-3777", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3777"}, {"name": "95869", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95869"}, {"name": "1037659", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037659"}, {"name": "RHSA-2017:3221", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3221"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:14:42.315Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20170126 CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2017/01/26/1"}, {"name": "[oss-security] 20170128 Re: CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2017/01/28/6"}, {"name": "RHSA-2018:1296", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libgd.github.io/release-2.2.4.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/libgd/libgd/issues/354"}, {"name": "DSA-3777", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3777"}, {"name": "95869", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95869"}, {"name": "1037659", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037659"}, {"name": "RHSA-2017:3221", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3221"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2016-10168", "datePublished": "2017-03-15T15:00:00", "dateReserved": "2017-01-28T00:00:00", "dateUpdated": "2024-08-06T03:14:42.315Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*", "matchCriteriaId": "E040BCCE-C098-492F-990F-D0196B519B10", "versionEndIncluding": "2.2.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image."}, {"lang": "es", "value": "Desbordamiento de entero en gd_io.c en la GD Graphics Library (tambi\u00e9n conocida como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de vectores que implican el n\u00famero de trozos horizontales y verticales en una imagen."}], "id": "CVE-2016-10168", "lastModified": "2024-11-21T02:43:27.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-15T15:59:00.343", "references": [{"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "http://libgd.github.io/release-2.2.4.html"}, {"source": "security@debian.org", "url": "http://www.debian.org/security/2017/dsa-3777"}, {"source": "security@debian.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/26/1"}, {"source": "security@debian.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/28/6"}, {"source": "security@debian.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95869"}, {"source": "security@debian.org", "url": "http://www.securitytracker.com/id/1037659"}, {"source": "security@debian.org", "url": "https://access.redhat.com/errata/RHSA-2017:3221"}, {"source": "security@debian.org", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/libgd/libgd/issues/354"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://libgd.github.io/release-2.2.4.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2017/dsa-3777"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/26/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/28/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95869"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037659"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:3221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/libgd/libgd/issues/354"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2017:3221", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "php-0:5.4.16-43.el7_4", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-11-15T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-php70-php-0:7.0.27-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-php70-php-0:7.0.27-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php70-php-0:7.0.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php70-php-0:7.0.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php70-php-0:7.0.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1296", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php70-php-0:7.0.27-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2018-05-03T00:00:00Z"}], "bugzilla": {"description": "gd: Integer overflow in gd_io.c", "id": "1418986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418986"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-190", "details": ["Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.", "An integer overflow flaw, leading to a heap-based buffer overflow was found in the way libgd read some specially-crafted gd2 files. A remote attacker could use this flaw to crash an application compiled with libgd or in certain cases execute arbitrary code with the privileges of the user running that application."], "name": "CVE-2016-10168", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-php56-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-php71-php", "product_name": "Red Hat Software Collections"}], "public_date": "2016-12-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-10168\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-10168"], "threat_severity": "Moderate", "upstream_fix": "php 5.6.30, php 7.0.15, php 7.1.1, gd 2.2.4"}