Title: GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability (Linux)
Summary: Check for the version of GD Graphics Library
Overview: The host is installed with GD Graphics Library and is prone to Buffer
The flaw is due to an error in the '_gdGetColors' function in gd_gd.c, which fails to
check a certain colorsTotal structure member, which can be exploited to cause
buffer overflow or buffer over-read attacks via a crafted GD file.
Successful exploitation could allow attackers to potentially compromise a
Impact Level: System
GD Graphics Library version 2.x on Linux.
Fix: No solution or patch is available as of 23rd October, 2009. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.boutell.com/gd/
BugTraq ID: 36712
Common Vulnerability Exposure (CVE) ID: CVE-2009-3546
Copyright (C) 2009 Greenbone Networks GmbH