CVE-2016-6214 - OpenCVE

gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Libgd	Libgd
Opensuse	Leap

Configuration 1 [-]

OR	cpe:2.3:a:libgd:libgd::::::::
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:opensuse:leap:42.1:::::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html
http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html
http://www.debian.org/security/2016/dsa-3619
http://www.openwall.com/lists/oss-security/2016/07/13/12
http://www.openwall.com/lists/oss-security/2016/07/13/5
http://www.ubuntu.com/usn/USN-3060-1
https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
https://github.com/libgd/libgd/issues/247#issuecomment-232084241
https://libgd.github.io/release-2.2.3.html
https://nvd.nist.gov/vuln/detail/CVE-2016-6214
https://www.cve.org/CVERecord?id=CVE-2016-6214

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-08-12T15:00:00

Updated: 2024-08-06T01:22:20.648Z

Reserved: 2016-07-13T00:00:00

Link: CVE-2016-6214

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-08-12T15:59:04.980

Modified: 2018-10-30T16:27:32.030

Link: CVE-2016-6214

Redhat

Severity : Low

Publid Date: 2016-07-12T00:00:00Z

Links: CVE-2016-6214 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "openSUSE-SU-2016:2117", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://libgd.github.io/release-2.2.3.html"}, {"name": "openSUSE-SU-2016:2363", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/issues/247#issuecomment-232084241"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/12"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/5"}, {"name": "USN-3060-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3060-1"}, {"name": "DSA-3619", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3619"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-6214", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2016:2117", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"}, {"name": "https://libgd.github.io/release-2.2.3.html", "refsource": "CONFIRM", "url": "https://libgd.github.io/release-2.2.3.html"}, {"name": "openSUSE-SU-2016:2363", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"}, {"name": "https://github.com/libgd/libgd/issues/247#issuecomment-232084241", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/issues/247#issuecomment-232084241"}, {"name": "https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/13/12"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/13/5"}, {"name": "USN-3060-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3060-1"}, {"name": "DSA-3619", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3619"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:22:20.648Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2016:2117", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://libgd.github.io/release-2.2.3.html"}, {"name": "openSUSE-SU-2016:2363", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/libgd/libgd/issues/247#issuecomment-232084241"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/12"}, {"name": "[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/5"}, {"name": "USN-3060-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3060-1"}, {"name": "DSA-3619", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3619"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-6214", "datePublished": "2016-08-12T15:00:00", "dateReserved": "2016-07-13T00:00:00", "dateUpdated": "2024-08-06T01:22:20.648Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CABE614C-FFD3-4B02-B5DF-658185F8D874", "versionEndIncluding": "2.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file."}, {"lang": "es", "value": "gd_tga.c en GD Graphics Library (tambi\u00e9n conocida como libgd) en versiones anteriores a 2.2.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de un archivo TGA manipulado."}], "id": "CVE-2016-6214", "lastModified": "2018-10-30T16:27:32.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-12T15:59:04.980", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3619"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/12"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/13/5"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-3060-1"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/libgd/libgd/issues/247#issuecomment-232084241"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://libgd.github.io/release-2.2.3.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "gd: Buffer over-read issue when parsing crafted TGA file", "id": "1356466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356466"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "draft"}, "cvss3": {"cvss3_base_score": "4.0", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-130->CWE-125", "details": ["gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file."], "name": "CVE-2016-6214", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "gd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libwmf", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Not affected", "package_name": "gd", "product_name": "Red Hat OpenShift Enterprise 2"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "php54-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "php55-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-php56-php", "product_name": "Red Hat Software Collections"}], "public_date": "2016-07-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-6214\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-6214"], "threat_severity": "Low"}