11190 : GD Graphics Library PNG Handling gdImageCreateFromPngCtx() Overflow
Printer | http://osvdb.org/11190 | Email This | Edit Vulnerability

Views This Week

Views All Time

322

Info

Last Modified

about 1 year ago

Percent Complete

100%

Disclosure

Oct 25, 2004

Discovery

Unknown

Dates

Exploit

Oct 25, 2004

Solution

Unknown

Keywords

No Keywords

Description

A remote overflow exists in GD Graphics Library. GD Graphics Library fails to check for an integer overflow when allocating memory for PNG image files in the gd_png.c gdImageCreateFromPngCtx() function. Using a specially crafted PNG image file, an attacker can cause a heap overflow and as a result remotely execute arbitrary code, leading to a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 2.0.29 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Boutell.Com, Inc.	GD Graphics Library	2.0.28
		2.0.27
		2.0.26
		2.0.25
		2.0.24
		2.0.23
		2.0.22
		2.0.21
		2.0.20
		2.0.1x

References

Security Tracker: 1011945
Bugtraq ID: 11523
Secunia Advisory ID: 12996 13092 13180 13230 13337 13338 13520 18717 21050 23783
ISS X-Force ID: 17866
CVE ID: 2004-0990 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0273.html
Vendor Specific Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
http://www.debian.org/security/2004/dsa-589
http://www.debian.org/security/2004/dsa-591
http://www.gentoo.org/security/en/glsa/glsa-200411-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
Packet Storm: http://packetstormsecurity.nl/0410-exploits/gd-graphics.c
Vendor URL: http://www.boutell.com/gd/
Vendor Specific News/Changelog Entry: http://www.boutell.com/gd/manual2.0.32.html#whatsnew2.0.29
Other Advisory URL: http://www.debian.org/security/2004/dsa-601
http://www.debian.org/security/2004/dsa-602
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:132
http://www.openpkg.org/security/OpenPKG-SA-2004.049-gd.html
https://issues.rpath.com/browse/RPL-939
RedHat RHSA: RHSA-2004:638

Tools & Filters

Nessus	15619 15687 15689 15732 15733 15737 15801 15844 15845 15995 20496 20627 20640 20649 21776 22053

Credit

infamous41md - infamous41mdhotpop.com -

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Keywords

Description

Classification

Solution

Products

Boutell.Com, Inc.

GD Graphics Library

References

Tools & Filters

Credit

Blogs

Comments