CVE-2016-3074

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-3074
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3074.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-3074
Downstream
Related
Published
2016-04-26T14:59:01.207Z
Modified
2026-02-17T23:58:59.367365Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
2bb97f407c1145c850416a3bfbcc8cf124e68a19

Affected versions

Other
GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9
gd-2.*
gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1

Database specific

vanir_signatures 
[
    {
        "target": {
            "function": "_gd2GetHeader",
            "file": "src/gd_gd2.c"
        },
        "deprecated": false,
        "id": "CVE-2016-3074-081b5b6d",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19",
        "digest": {
            "function_hash": "163878100595225240009372061331328833043",
            "length": 2523.0
        }
    },
    {
        "target": {
            "file": "src/gd_gd2.c"
        },
        "deprecated": false,
        "id": "CVE-2016-3074-8c2aa4db",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19",
        "digest": {
            "line_hashes": [
                "308632048764262319325349404959904373833",
                "156654908032796698564829210861782091210",
                "87643980687445443250260216682085309841",
                "74748855092100787267051943652936968299"
            ],
            "threshold": 0.9
        }
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3074.json"

Git / github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
2793382d656158e3b72451dc47a4ea022b566f7d
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Fixed
f6dfd7d7bba49ff4811bc5d7d916bbdb265bbfd1

Affected versions

mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.14-ndb-6.1.0
mysql-5.1.15-ndb-6.1.1
mysql-5.1.15-ndb-6.1.10
mysql-5.1.15-ndb-6.1.11
mysql-5.1.15-ndb-6.1.12
mysql-5.1.15-ndb-6.1.13
mysql-5.1.15-ndb-6.1.14
mysql-5.1.15-ndb-6.1.15
mysql-5.1.15-ndb-6.1.16
mysql-5.1.15-ndb-6.1.19
mysql-5.1.15-ndb-6.1.2
mysql-5.1.15-ndb-6.1.20
mysql-5.1.15-ndb-6.1.21
mysql-5.1.15-ndb-6.1.22
mysql-5.1.15-ndb-6.1.23
mysql-5.1.15-ndb-6.1.3
mysql-5.1.15-ndb-6.1.5
mysql-5.1.15-ndb-6.1.6
mysql-5.1.15-ndb-6.1.7
mysql-5.1.15-ndb-6.1.8
mysql-5.1.15-ndb-6.1.9
mysql-5.1.16-ndb-6.2.0
mysql-5.1.18-ndb-6.2.2
mysql-5.1.19-ndb-6.2.3
mysql-5.1.19-ndb-6.2.4
mysql-5.1.19-ndb-6.3.0
mysql-5.1.19-ndb-6.3.1
mysql-5.1.22-ndb-6.2.10
mysql-5.1.22-ndb-6.2.5-no-prod
mysql-5.1.22-ndb-6.2.5-no-prod-fix1
mysql-5.1.22-ndb-6.2.6
mysql-5.1.22-ndb-6.2.7
mysql-5.1.22-ndb-6.2.8
mysql-5.1.22-ndb-6.2.9
mysql-5.1.22-ndb-6.3.2-no-prod
mysql-5.1.22-ndb-6.3.3
mysql-5.1.22-ndb-6.3.4
mysql-5.1.22-ndb-6.3.5
mysql-5.1.22-ndb-6.3.6
mysql-5.1.22-ndb-6.3.7
mysql-5.1.23-ndb-6.2.11
mysql-5.1.23-ndb-6.2.12
mysql-5.1.23-ndb-6.2.13
mysql-5.1.23-ndb-6.2.14
mysql-5.1.23-ndb-6.2.15
mysql-5.1.23-ndb-6.3.10
mysql-5.1.23-ndb-6.3.11
mysql-5.1.23-ndb-6.3.12
mysql-5.1.23-ndb-6.3.7
mysql-5.1.23-ndb-6.3.8
mysql-5.1.23-ndb-6.3.9
mysql-5.1.24-ndb-6.3.13
mysql-5.1.24-ndb-6.3.14
mysql-5.1.24-ndb-6.3.15
mysql-5.1.24-ndb-6.3.16
mysql-5.1.27-ndb-6.3.17
mysql-5.1.28-ndb-6.2.16
mysql-5.1.28-ndb-6.3.18
mysql-5.1.29-ndb-6.3.19
mysql-5.1.30-ndb-6.3.20
mysql-5.1.30-ndb-6.4.0
mysql-5.1.31-ndb-6.3.21
mysql-5.1.31-ndb-6.3.22
mysql-5.1.31-ndb-6.4.1
mysql-5.1.31-ndb-6.4.2
mysql-5.1.32-ndb-6.3.23
mysql-5.1.32-ndb-6.3.24
mysql-5.1.32-ndb-6.4.3
mysql-5.1.32-ndb-7.0.4
mysql-5.1.32-ndb-7.0.5
mysql-5.1.34-ndb-6.2.18
mysql-5.1.34-ndb-6.3.25
mysql-5.1.34-telco-7.0.6
mysql-5.1.35-ndb-6.3.26
mysql-5.1.35-ndb-7.0.7
mysql-5.1.37-ndb-6.3.27
mysql-5.1.37-ndb-6.3.27a
mysql-5.1.37-ndb-7.0.8
mysql-5.1.37-ndb-7.0.8a
mysql-5.1.39-ndb-6.3.28
mysql-5.1.39-ndb-6.3.28a
mysql-5.1.39-ndb-6.3.28b
mysql-5.1.39-ndb-6.3.29
mysql-5.1.39-ndb-6.3.30
mysql-5.1.39-ndb-7.0.10
mysql-5.1.39-ndb-7.0.9
mysql-5.1.39-ndb-7.0.9b
mysql-5.1.39-ndb-7.1.1
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.41-ndb-6.3.31
mysql-5.1.41-ndb-6.3.31a
mysql-5.1.41-ndb-6.3.31b
mysql-5.1.41-ndb-6.3.32
mysql-5.1.41-ndb-7.0.11
mysql-5.1.41-ndb-7.0.11a
mysql-5.1.41-ndb-7.0.11b
mysql-5.1.41-ndb-7.0.12
mysql-5.1.41-ndb-7.0.12a
mysql-5.1.41-ndb-7.0.12b
mysql-5.1.41-ndb-7.0.13
mysql-5.1.41-ndb-7.1.1
mysql-5.1.41-ndb-7.1.2-beta
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.44-ndb-6.3.33
mysql-5.1.44-ndb-6.3.34
mysql-5.1.44-ndb-7.0.14
mysql-5.1.44-ndb-7.0.15
mysql-5.1.44-ndb-7.0.15a
mysql-5.1.44-ndb-7.1.3
mysql-5.1.44-ndb-7.1.4
mysql-5.1.44-ndb-7.1.4a
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.47-ndb-6.3.35
mysql-5.1.47-ndb-7.0.16
mysql-5.1.47-ndb-7.1.5
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.5-m3
mysql-5.5.6-rc
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9
mysql-5.6.10
mysql-5.6.11
mysql-5.6.12
mysql-5.6.13
mysql-5.6.14
mysql-5.6.15
mysql-5.6.16
mysql-5.6.17
mysql-5.6.19
mysql-5.6.2
mysql-5.6.20
mysql-5.6.3
mysql-5.6.4
mysql-5.6.5
mysql-5.6.6
mysql-5.6.7
mysql-5.6.8
mysql-5.6.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3074.json"

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
2c2d0de09e522fe097bfcebfb758171eb6aa5270
Fixed
acac79ec27fdf5aab6f60e5de77f176abe9b05c1
Introduced
60fffd296abce5fc071f3c173c25a2696cf683c6
Fixed
3c84adde7d778b1e8ff1169ef1085f204d182fb3
Introduced
fc1df8e7a6886e29a6ed5bef3f674ac61164e847
Fixed
50a8b9527a2317ba861ad0b660ff981f69941cfd

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3074.json"