« List of all CVEs

CVE-2016-3074

Published: 4/26/2016 Last updated: 8/5/2024 Reserved: 3/10/2016

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (1)

conf-gd

Products affected (1)

Product Vendor Version
n/a n/a < 6.1.7601.25954

References (36)