OSVDB ID: 11190

Title: GD Graphics Library PNG Handling gdImageCreateFromPngCtx() Overflow

Info

Disclosure
Oct 25, 2004

Discovery
Unknown

Dates

Exploit
Oct 25, 2004

Solution
Unknown

Description

 A remote overflow exists in GD Graphics Library. GD Graphics Library fails to check for an integer overflow when allocating memory for PNG image files in the gd_png.c gdImageCreateFromPngCtx() function. Using a specially crafted PNG image file, an attacker can cause a heap overflow and as a result remotely execute arbitrary code, leading to a loss of integrity.

Classification

 Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

 Upgrade to version 2.0.29 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Boutell.Com, Inc.

GD Graphics Library

 2.0.28
2.0.27
2.0.26
2.0.25
2.0.24
2.0.23
2.0.22
2.0.21
2.0.20
2.0.1x

References

Credit
  • infamous41md - infamous41mdhotpop.com -


Direct URL: http://osvdb.org/11190