CVE-2016-6912

Sažetak

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.

Reference

http://www.debian.org/security/2017/dsa-3777
http://www.securityfocus.com/bid/95843
https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md
https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

04-11-2017 - 01:29

Objavljeno

26-01-2017 - 15:59