CVE-2016-6905
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-6905
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6905.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-6905
- Downstream
- Related
- Published
- 2016-10-03T21:59:05Z
- Modified
- 2025-09-19T08:30:54.221881Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The readimagetga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
- References
-
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00121.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html
- http://www.openwall.com/lists/oss-security/2016/08/23/1
- http://www.securityfocus.com/bid/91743
- https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03
- https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186
- https://github.com/libgd/libgd/issues/248
- https://github.com/libgd/libgd/pull/251
- http://libgd.github.io/release-2.2.3.html
Affected packages
Git / github.com/libgd/libgd
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libgd/libgd
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
Other
GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9
gd-2.*
gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1
gd-2.2.0
gd-2.2.1
gd-2.2.2
Database specific
{
"vanir_signatures": [
{
"deprecated": false,
"source": "https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03",
"target": {
"function": "read_image_tga",
"file": "src/gd_tga.c"
},
"signature_type": "Function",
"id": "CVE-2016-6905-2e144a9c",
"signature_version": "v1",
"digest": {
"function_hash": "150222452826111607911999430026282216493",
"length": 2352.0
}
},
{
"deprecated": false,
"source": "https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03",
"target": {
"file": "src/gd_tga.c"
},
"signature_type": "Line",
"id": "CVE-2016-6905-9e671305",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"263338616471124220503043253082437292904",
"31000100657142559304979551962267908643",
"183804931480520940787143071533336557063",
"242900354783927881132320031000585444472",
"137576676101298210998585372321847849839",
"229260443438122527870740329493642306007",
"14336425063350563475893674927401561796",
"170275526587140690810667574411797550226",
"243326598763063495698113086608308225748",
"218421369725904409339189520753653110577",
"294969011813775192170813686771974570232",
"160404730317204032626266116646092874034",
"269838563000061620325829859461030474698",
"284493872219512788957055064059739972542",
"71144925059152600392708027950444535143",
"144189907098002330028681126227675878716",
"17448355068713968007013570008885764610",
"15881539661546982613586794208154286622",
"298383346940574426894356307041301056546",
"224983335206663834060894548683091508842",
"154398766447558974567395503910612333357",
"96252021667969076384995295891192479774",
"54519818484878553276522718568291377044",
"85785600637868727890616453391076703592",
"243326598763063495698113086608308225748",
"218421369725904409339189520753653110577",
"294969011813775192170813686771974570232",
"160404730317204032626266116646092874034",
"269838563000061620325829859461030474698",
"284493872219512788957055064059739972542",
"71144925059152600392708027950444535143",
"144189907098002330028681126227675878716",
"152877145846678278752206901764412020079",
"268154877812631065202409925863302675645",
"188849533591271881583276972169876036475",
"241634334627581351892286265088852170362",
"108587633537507210242609878158511307392",
"317020317628908665409671761851493114880"
]
}
},
{
"deprecated": false,
"source": "https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186",
"target": {
"function": "read_image_tga",
"file": "src/gd_tga.c"
},
"signature_type": "Function",
"id": "CVE-2016-6905-a02528cb",
"signature_version": "v1",
"digest": {
"function_hash": "318558471273598071253749944011275991116",
"length": 2116.0
}
},
{
"deprecated": false,
"source": "https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186",
"target": {
"file": "src/gd_tga.c"
},
"signature_type": "Line",
"id": "CVE-2016-6905-cd268584",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"35425011894096212034497675172420309773",
"137576676101298210998585372321847849839",
"229260443438122527870740329493642306007",
"28263119248774846812552438829400142818",
"262929829821917167811831011805076192958",
"206991234581768884905216919559318061037",
"144189907098002330028681126227675878716",
"17448355068713968007013570008885764610",
"24108349718832749568963134875678576322",
"26753026693652278219589919450218726435",
"180686312022484326960970275757886384624",
"206991234581768884905216919559318061037",
"144189907098002330028681126227675878716",
"152877145846678278752206901764412020079",
"268154877812631065202409925863302675645",
"188849533591271881583276972169876036475",
"241634334627581351892286265088852170362"
]
}
}
]
}