CVE-2014-2497

EPSS 5.2%

libgd2 - security update

發布日:2014/3/21修改日:2026/4/28

也稱為:DEBIAN-CVE-2014-2497

描述

The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.

受影響套件(3)

Debian/libgd2from 0, < 2.1.0-4
Debian/libgd2from 0, < 2.0.36~rc1~dfsg-5+deb6u1
Debian/libgd2from 0, < 2.0.36~rc1~dfsg-6.1+deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-2497