User: Password:
Subscribe / Log in / New account

php5, gd: denial of service

Package(s):php5, gd CVE #(s):CVE-2014-2497
Created:June 12, 2014 Updated:March 29, 2015
Description: From the CVE entry:

The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.

Oracle ELSA-2015-1135 php 2015-06-23
Debian-LTS DLA-189-1 libgd2 2015-04-08
Debian DSA-3215-1 libgd2 2015-04-06
Mandriva MDVSA-2015:153 libgd 2015-03-29
Fedora FEDORA-2015-0503 gd 2015-01-20
Fedora FEDORA-2015-0432 gd 2015-01-19
Red Hat RHSA-2014:1766-01 php55-php 2014-10-30
Red Hat RHSA-2014:1765-01 php54-php 2014-10-30
Oracle ELSA-2014-1326 php 2014-09-30
Oracle ELSA-2014-1327 php 2014-09-30
CentOS CESA-2014:1326 php 2014-09-30
CentOS CESA-2014:1326 php 2014-09-30
CentOS CESA-2014:1327 php 2014-09-30
Red Hat RHSA-2014:1326-01 php 2014-09-30
Red Hat RHSA-2014:1327-01 php 2014-09-30
Slackware SSA:2014-247-01 php 2014-09-04
Mandriva MDVSA-2014:172 php 2014-09-03
Fedora FEDORA-2014-9679 php 2014-09-02
Gentoo 201408-11 php 2014-08-29
Scientific Linux SLSA-2014:1326-1 php53 and php 2014-10-13
Fedora FEDORA-2014-8458 gd 2014-08-15
Mandriva MDVSA-2014:133 gd 2014-07-10
Mageia MGASA-2014-0283 php 2014-07-09
Mageia MGASA-2014-0288 gd 2014-07-09
SUSE SUSE-SU-2014:0873-2 PHP5 2014-07-07
SUSE SUSE-SU-2014:0873-1 PHP5 2014-07-05
SUSE SUSE-SU-2014:0869-1 php53 2014-07-04
SUSE SUSE-SU-2014:0868-1 PHP5 2014-07-04
openSUSE openSUSE-SU-2014:0786-1 php5 2014-06-12
openSUSE openSUSE-SU-2014:0784-1 php5 2014-06-12
Ubuntu USN-2987-1 libgd2 2016-05-31
Gentoo 201607-04 gd 2016-07-16

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds