CVE-2009-3546

Published Oct 19, 2009

Last updated 2 years ago

Overview

Description: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83DED10C-5B2F-41A8-887F-E53C9498D620"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B236A476-9FB9-46A0-859A-86B6B37F6960"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.34:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5C6F71F-A65F-4AEF-B846-BDBF8C1965A3"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.34:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB25E18F-7078-458C-B517-D7DCC942BF80"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D7EEB86-6942-4A27-9C6A-9CEA73192E6A"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B928D03E-BABF-4FFB-B068-63A763301D31"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "345F2194-D009-45A8-8606-F2DAEC328A3A"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFB324F6-6271-412C-90D3-B91489200C8D"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AC18015-92F0-458A-B27D-BA96645A0FB5"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.35:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBE1488F-E22A-460E-B7AF-F9EBB56B188D"
          },
          {
            "criteria": "cpe:2.3:a:libgd:gd_graphics_library:2.0.36:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84E950C3-0FA9-4AA2-9FC2-81F30398073A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References