The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
{ "vanir_signatures": [ { "deprecated": false, "source": "https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03", "target": { "function": "read_image_tga", "file": "src/gd_tga.c" }, "signature_type": "Function", "id": "CVE-2016-6905-2e144a9c", "signature_version": "v1", "digest": { "function_hash": "150222452826111607911999430026282216493", "length": 2352.0 } }, { "deprecated": false, "source": "https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03", "target": { "file": "src/gd_tga.c" }, "signature_type": "Line", "id": "CVE-2016-6905-9e671305", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "263338616471124220503043253082437292904", "31000100657142559304979551962267908643", "183804931480520940787143071533336557063", "242900354783927881132320031000585444472", "137576676101298210998585372321847849839", "229260443438122527870740329493642306007", "14336425063350563475893674927401561796", "170275526587140690810667574411797550226", "243326598763063495698113086608308225748", "218421369725904409339189520753653110577", "294969011813775192170813686771974570232", "160404730317204032626266116646092874034", "269838563000061620325829859461030474698", "284493872219512788957055064059739972542", "71144925059152600392708027950444535143", "144189907098002330028681126227675878716", "17448355068713968007013570008885764610", "15881539661546982613586794208154286622", "298383346940574426894356307041301056546", "224983335206663834060894548683091508842", "154398766447558974567395503910612333357", "96252021667969076384995295891192479774", "54519818484878553276522718568291377044", "85785600637868727890616453391076703592", "243326598763063495698113086608308225748", "218421369725904409339189520753653110577", "294969011813775192170813686771974570232", "160404730317204032626266116646092874034", "269838563000061620325829859461030474698", "284493872219512788957055064059739972542", "71144925059152600392708027950444535143", 
"144189907098002330028681126227675878716", "152877145846678278752206901764412020079", "268154877812631065202409925863302675645", "188849533591271881583276972169876036475", "241634334627581351892286265088852170362", "108587633537507210242609878158511307392", "317020317628908665409671761851493114880" ] } }, { "deprecated": false, "source": "https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186", "target": { "function": "read_image_tga", "file": "src/gd_tga.c" }, "signature_type": "Function", "id": "CVE-2016-6905-a02528cb", "signature_version": "v1", "digest": { "function_hash": "318558471273598071253749944011275991116", "length": 2116.0 } }, { "deprecated": false, "source": "https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186", "target": { "file": "src/gd_tga.c" }, "signature_type": "Line", "id": "CVE-2016-6905-cd268584", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "35425011894096212034497675172420309773", "137576676101298210998585372321847849839", "229260443438122527870740329493642306007", "28263119248774846812552438829400142818", "262929829821917167811831011805076192958", "206991234581768884905216919559318061037", "144189907098002330028681126227675878716", "17448355068713968007013570008885764610", "24108349718832749568963134875678576322", "26753026693652278219589919450218726435", "180686312022484326960970275757886384624", "206991234581768884905216919559318061037", "144189907098002330028681126227675878716", "152877145846678278752206901764412020079", "268154877812631065202409925863302675645", "188849533591271881583276972169876036475", "241634334627581351892286265088852170362" ] } } ] }