CVE-2016-3074 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 97%

Vendor	Product	Version
libgd	libgd	2.1.1
debian	debian_linux	7.0
debian	debian_linux	8.0
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.10
canonical	ubuntu_linux	16.04
opensuse	opensuse	13.2
php	php	5.5.0 ≤ 𝑥 < 5.5.35
php	php	5.6.0 ≤ 𝑥 < 5.6.21
php	php	7.0.0 ≤ 𝑥 < 7.0.6

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

libgd2

bullseye	2.3.0-2 fixed
bookworm	2.3.3-9 fixed
sid	2.3.3-12 fixed
trixie	2.3.3-12 fixed

Ubuntu Releases

Ubuntu Product

Codename

libgd2

xenial	Fixed 2.1.1-4ubuntu0.16.04.1 released
wily	Fixed 2.1.1-4ubuntu0.15.10.1 released
trusty	Fixed 2.1.0-3ubuntu0.1 released
precise	Fixed 2.0.36~rc1~dfsg-6ubuntu2.1 released

php5

xenial	dne
wily	not-affected
trusty	not-affected
precise	not-affected

php7.0

xenial	not-affected
wily	dne
trusty	dne
precise	dne

Known Exploits!

Common Weakness Enumeration

CWE-681 - Incorrect Conversion between Numeric Types
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183263.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183724.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html

http://packetstormsecurity.com/files/136757/libgd-2.1.1-Signedness.html

http://rhn.redhat.com/errata/RHSA-2016-2750.html

http://seclists.org/fulldisclosure/2016/Apr/72

http://www.debian.org/security/2016/dsa-3556

http://www.debian.org/security/2016/dsa-3602

http://www.securityfocus.com/archive/1/538160/100/0/threaded

http://www.securityfocus.com/bid/87087

http://www.securitytracker.com/id/1035659

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.383127

http://www.ubuntu.com/usn/USN-2987-1

https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

https://security.gentoo.org/glsa/201607-04

https://security.gentoo.org/glsa/201611-22

https://www.exploit-db.com/exploits/39736/

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183263.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183724.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html

http://packetstormsecurity.com/files/136757/libgd-2.1.1-Signedness.html

http://rhn.redhat.com/errata/RHSA-2016-2750.html

http://seclists.org/fulldisclosure/2016/Apr/72

http://www.debian.org/security/2016/dsa-3556

http://www.debian.org/security/2016/dsa-3602

http://www.securityfocus.com/archive/1/538160/100/0/threaded

http://www.securityfocus.com/bid/87087

http://www.securitytracker.com/id/1035659

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.383127

http://www.ubuntu.com/usn/USN-2987-1

https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

https://security.gentoo.org/glsa/201607-04

https://security.gentoo.org/glsa/201611-22

https://www.exploit-db.com/exploits/39736/