Vulnerability-Lookup

CVE-2016-8670 (GCVE-0-2016-8670)

Vulnerability from cvelistv5 – Published: 2017-01-04 20:00 – Updated: 2024-08-06 02:27

Summary

Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.

Severity ?

No CVSS data available.

CWE

Assigner

debian

References

URL

GHSA-7HRM-234X-37P5

Vulnerability from github – Published: 2022-05-17 00:27 – Updated: 2025-04-12 13:07

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-8670"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-01-04T20:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.",
  "id": "GHSA-7hrm-234x-37p5",
  "modified": "2025-04-12T13:07:55Z",
  "published": "2022-05-17T00:27:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8670"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9"
    },
    {
      "type": "WEB",
      "url": "https://bugs.php.net/bug.php?id=73280"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp;utm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3693"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/10/15/1"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/ChangeLog-7.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93594"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2016-09857

Vulnerability from cnvd - Published: 2016-10-24

Title

PHP LibGD栈缓冲区溢出漏洞

Description

libGD是一个开源的用于动态创建图像的库，它支持创建图表、图形和缩略图等。 PHP LibGD存在栈缓冲区溢出漏洞，允许远程攻击者可利用该漏洞提交特殊请求，进行拒绝服务攻击。

Severity

中

Patch Name

PHP LibGD栈缓冲区溢出漏洞的补丁

Patch Description

libGD是一个开源的用于动态创建图像的库，它支持创建图表、图形和缩略图等。 PHP LibGD存在栈缓冲区溢出漏洞，允许远程攻击者可利用该漏洞提交特殊请求，进行拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可联系供应商获得补丁信息： https://github.com/libgd/libgd/

Reference

http://www.securityfocus.com/bid/93594

Impacted products

Name
PHP LibGD

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93594"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8670"
    }
  },
  "description": "libGD\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7528\u4e8e\u52a8\u6001\u521b\u5efa\u56fe\u50cf\u7684\u5e93\uff0c\u5b83\u652f\u6301\u521b\u5efa\u56fe\u8868\u3001\u56fe\u5f62\u548c\u7f29\u7565\u56fe\u7b49\u3002\r\n\r\nPHP LibGD\u5b58\u5728\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Emmanuel Law",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://github.com/libgd/libgd/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09857",
  "openTime": "2016-10-24",
  "patchDescription": "libGD\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7528\u4e8e\u52a8\u6001\u521b\u5efa\u56fe\u50cf\u7684\u5e93\uff0c\u5b83\u652f\u6301\u521b\u5efa\u56fe\u8868\u3001\u56fe\u5f62\u548c\u7f29\u7565\u56fe\u7b49\u3002\r\n\r\nPHP LibGD\u5b58\u5728\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "PHP LibGD\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "PHP LibGD"
  },
  "referenceLink": "http://www.securityfocus.com/bid/93594",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-18",
  "title": "PHP LibGD\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

GSD-2016-8670

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-8670

Aliases

CVE-2016-8670

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-8670",
    "description": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.",
    "id": "GSD-2016-8670",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-8670.html",
      "https://www.debian.org/security/2016/dsa-3693",
      "https://ubuntu.com/security/CVE-2016-8670",
      "https://advisories.mageia.org/CVE-2016-8670.html",
      "https://security.archlinux.org/CVE-2016-8670",
      "https://alas.aws.amazon.com/cve/html/CVE-2016-8670.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8670"
      ],
      "details": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.",
      "id": "GSD-2016-8670",
      "modified": "2023-12-13T01:21:22.670413Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2016-8670",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.php.net/ChangeLog-7.php",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/ChangeLog-7.php"
          },
          {
            "name": "93594",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93594"
          },
          {
            "name": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9",
            "refsource": "CONFIRM",
            "url": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9"
          },
          {
            "name": "[oss-security] 20161015 CVE Request: libgd: Stack Buffer Overflow in GD dynamicGetbuf",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/10/15/1"
          },
          {
            "name": "DSA-3693",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2016/dsa-3693"
          },
          {
            "name": "https://bugs.php.net/bug.php?id=73280",
            "refsource": "CONFIRM",
            "url": "https://bugs.php.net/bug.php?id=73280"
          },
          {
            "name": "http://www.php.net/ChangeLog-5.php",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "name": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp;utm_medium=RSS",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp;utm_medium=RSS"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.2.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.6.27",
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-8670"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=73280",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://bugs.php.net/bug.php?id=73280"
            },
            {
              "name": "http://www.php.net/ChangeLog-7.php",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/ChangeLog-7.php"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/ChangeLog-5.php"
            },
            {
              "name": "[oss-security] 20161015 CVE Request: libgd: Stack Buffer Overflow in GD dynamicGetbuf",
              "refsource": "MLIST",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/15/1"
            },
            {
              "name": "93594",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/93594"
            },
            {
              "name": "DSA-3693",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2016/dsa-3693"
            },
            {
              "name": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp;utm_medium=RSS"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-11-04T01:29Z",
      "publishedDate": "2017-01-04T20:59Z"
    }
  }
}

CERTFR-2017-AVI-028

Vulnerability from certfr_avis - Published: 2017-01-24 - Updated: 2017-01-24

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	tvOS versions antérieures à 10.1.1
Apple	N/A	iTunes pour Windows versions antérieures à 12.5.5
Apple	N/A	iCloud pour Windows versions antérieures à 6.1.1
Apple	macOS	macOS Sierra versions antérieures à 10.12.3
Apple	Safari	Safari versions antérieures à 10.0.3
Apple	N/A	iOS versions antérieures à 10.2.1
Apple	N/A	watchOS versions antérieures à 3.1.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT207485 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207482 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207483 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207481 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207487 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207484 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207486 du 23 janvier 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 10.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iTunes pour Windows versions ant\u00e9rieures \u00e0 12.5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 10.0.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 3.1.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-7615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7615"
    },
    {
      "name": "CVE-2016-7643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7643"
    },
    {
      "name": "CVE-2016-7589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7589"
    },
    {
      "name": "CVE-2017-2358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2358"
    },
    {
      "name": "CVE-2017-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2369"
    },
    {
      "name": "CVE-2016-9933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9933"
    },
    {
      "name": "CVE-2016-7591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7591"
    },
    {
      "name": "CVE-2016-7637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7637"
    },
    {
      "name": "CVE-2016-4688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4688"
    },
    {
      "name": "CVE-2017-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2371"
    },
    {
      "name": "CVE-2016-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7616"
    },
    {
      "name": "CVE-2016-7659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7659"
    },
    {
      "name": "CVE-2017-2353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2353"
    },
    {
      "name": "CVE-2016-7663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7663"
    },
    {
      "name": "CVE-2016-7626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7626"
    },
    {
      "name": "CVE-2017-2365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2365"
    },
    {
      "name": "CVE-2016-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7595"
    },
    {
      "name": "CVE-2016-7657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7657"
    },
    {
      "name": "CVE-2017-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2357"
    },
    {
      "name": "CVE-2017-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2370"
    },
    {
      "name": "CVE-2016-7588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7588"
    },
    {
      "name": "CVE-2016-7636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7636"
    },
    {
      "name": "CVE-2017-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2356"
    },
    {
      "name": "CVE-2017-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2352"
    },
    {
      "name": "CVE-2017-2360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2360"
    },
    {
      "name": "CVE-2017-2363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2363"
    },
    {
      "name": "CVE-2016-1248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1248"
    },
    {
      "name": "CVE-2016-7651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7651"
    },
    {
      "name": "CVE-2016-7621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7621"
    },
    {
      "name": "CVE-2016-7606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7606"
    },
    {
      "name": "CVE-2016-8687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8687"
    },
    {
      "name": "CVE-2017-2361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2361"
    },
    {
      "name": "CVE-2017-2366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2366"
    },
    {
      "name": "CVE-2017-2373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2373"
    },
    {
      "name": "CVE-2016-4691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4691"
    },
    {
      "name": "CVE-2017-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2351"
    },
    {
      "name": "CVE-2017-2362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2362"
    },
    {
      "name": "CVE-2016-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4693"
    },
    {
      "name": "CVE-2016-7658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7658"
    },
    {
      "name": "CVE-2016-7662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7662"
    },
    {
      "name": "CVE-2016-7660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7660"
    },
    {
      "name": "CVE-2016-7612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7612"
    },
    {
      "name": "CVE-2017-2350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2350"
    },
    {
      "name": "CVE-2016-7644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7644"
    },
    {
      "name": "CVE-2017-2364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2364"
    },
    {
      "name": "CVE-2016-7627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7627"
    },
    {
      "name": "CVE-2016-8670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8670"
    },
    {
      "name": "CVE-2016-7607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7607"
    },
    {
      "name": "CVE-2017-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2354"
    },
    {
      "name": "CVE-2016-7594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7594"
    },
    {
      "name": "CVE-2016-7619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7619"
    },
    {
      "name": "CVE-2016-9934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9934"
    },
    {
      "name": "CVE-2017-2368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2368"
    },
    {
      "name": "CVE-2017-2355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2355"
    },
    {
      "name": "CVE-2017-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2359"
    }
  ],
  "initial_release_date": "2017-01-24T00:00:00",
  "last_revision_date": "2017-01-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-028",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-01-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207485 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207485"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207482 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207482"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207483 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207483"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207481 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207481"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207487 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207487"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207484 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207484"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207486 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207486"
    }
  ]
}

FKIE_CVE-2016-8670

Vulnerability from fkie_nvd - Published: 2017-01-04 20:59 - Updated: 2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@debian.org	http://www.debian.org/security/2016/dsa-3693
security@debian.org	http://www.openwall.com/lists/oss-security/2016/10/15/1	Third Party Advisory
security@debian.org	http://www.php.net/ChangeLog-5.php	Release Notes, Vendor Advisory
security@debian.org	http://www.php.net/ChangeLog-7.php	Release Notes, Vendor Advisory
security@debian.org	http://www.securityfocus.com/bid/93594
security@debian.org	https://bugs.php.net/bug.php?id=73280	Vendor Advisory
security@debian.org	https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9	Vendor Advisory
security@debian.org	https://support.f5.com/csp/article/K21336065?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2016/dsa-3693
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/10/15/1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/ChangeLog-5.php	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/ChangeLog-7.php	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93594
af854a3a-2127-422b-91ae-364da2661108	https://bugs.php.net/bug.php?id=73280	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K21336065?utm_source=f5support&amp%3Butm_medium=RSS

Impacted products

Vendor	Product	Version
libgd	libgd	*
php	php	*
php	php	7.0.0
php	php	7.0.1
php	php	7.0.2
php	php	7.0.3
php	php	7.0.4
php	php	7.0.5
php	php	7.0.6
php	php	7.0.7
php	php	7.0.8
php	php	7.0.9
php	php	7.0.10
php	php	7.0.11
php	php	7.0.12

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E040BCCE-C098-492F-990F-D0196B519B10",
              "versionEndIncluding": "2.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBFD36E-4559-474C-ADEE-3686F156180C",
              "versionEndIncluding": "5.6.27",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6745CC43-2836-4CD8-848F-EEA08AE9D5AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call."
    },
    {
      "lang": "es",
      "value": "Error de firma de enteros en la funci\u00f3n dynamicGetbuf en gd_io_dp.c en la librer\u00eda de gr\u00e1ficos GD (tambi\u00e9n conocido como libgd) hasta la versi\u00f3n 2.2.3 como se utiliza en PHP en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en pila) o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada manipulada imagecreatefromstring."
    }
  ],
  "id": "CVE-2016-8670",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-01-04T20:59:00.293",
  "references": [
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2016/dsa-3693"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/10/15/1"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-7.php"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/bid/93594"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=73280"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9"
    },
    {
      "source": "security@debian.org",
      "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2016/dsa-3693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/10/15/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-7.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=73280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K21336065?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-8670 (GCVE-0-2016-8670)

GHSA-7HRM-234X-37P5

CNVD-2016-09857

GSD-2016-8670

CERTFR-2017-AVI-028

Solution

FKIE_CVE-2016-8670

Tags

Sightings

Nomenclature