Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:LIBGD-HEAP-BO
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	GD Library libgd gd_gd2.c Heap Buffer Overflow
Release Date	2016/06/09
Update Number	2738
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: GD Library libgd gd_gd2.c Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability against LibGD. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

Affected Products

Debian debian_linux 7.0
Debian debian_linux 8.0
Libgd libgd 2.1.1

References

CVE: CVE-2016-3074

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: GD Library libgd gd_gd2.c Heap Buffer Overflow

Extended Description

Affected Products

References