The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
{ "vanir_signatures": [ { "id": "CVE-2016-6911-1d41f52b", "signature_type": "Function", "digest": { "function_hash": "243521294658306343916129007328175124823", "length": 736.0 }, "target": { "file": "src/gd_tiff.c", "function": "createFromTiffRgba" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae" }, { "id": "CVE-2016-6911-3c9d5f7b", "signature_type": "Line", "digest": { "line_hashes": [ "302276016543215858653877778009713530354", "13455885363820143604871457319934368395", "183834353088520194114113814617482493833", "67713296539483513808535468205446763404", "226777703373263504429618803239687544287", "217808704602626426821386411462298446926", "131506312562035270890776141939719606472", "154484923779217233892676667613345838946", "257272419617703692796463588766278850469", "282851622350716209326674316345405171431", "298947769286978432309066078178472878393", "282431242015797273047242031756341625872", "26204269596150467919520423331056159017", "290880021847565619423291360926600057955", "231949036220121703014684570531010375016", "126883458774049413660788293557227155494", "53262969221578858500973573257275501782", "15393262755005942988110036472065813717" ], "threshold": 0.9 }, "target": { "file": "src/gd_tiff.c" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae" }, { "id": "CVE-2016-6911-75674dbe", "signature_type": "Line", "digest": { "line_hashes": [ "51705874965360408895113973707220570798", "338490049937993592134511052328150713676", "198670533405584592456930307949755701390", "184289285682504290365505367894561045662", "312635667455914412941394297507631977459", "164912364801540328250245857455151056404", "14528537629477714123104826112842305275", "174229576911298954313958189567804101011", "325833405717297570262963559864233221923", "317610442461629431391937423399079119428", "120502324777701742226354058733936885617", "241736327363884881656391957885907719249", "285973232702347830150094530819225094026", "101632286035458322189832322367820274795", "39869547321120853841394121441751628056" ], "threshold": 0.9 }, "target": { "file": "src/gd_io_dp.c" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae" }, { "id": "CVE-2016-6911-ebb30b67", "signature_type": "Function", "digest": { "function_hash": "153318254224435095221987322236657302014", "length": 403.0 }, "target": { "file": "src/gd_io_dp.c", "function": "dynamicGetbuf" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae" } ] }