CVE-2016-6911

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-6911
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6911.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-6911
Downstream
Related
Published
2017-01-26T15:59:00Z
Modified
2025-09-19T08:30:54.543523Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae

Affected versions

Other

GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9

gd-2.*

gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1
gd-2.2.0
gd-2.2.1

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2016-6911-1d41f52b",
            "signature_type": "Function",
            "digest": {
                "function_hash": "243521294658306343916129007328175124823",
                "length": 736.0
            },
            "target": {
                "file": "src/gd_tiff.c",
                "function": "createFromTiffRgba"
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae"
        },
        {
            "id": "CVE-2016-6911-3c9d5f7b",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "302276016543215858653877778009713530354",
                    "13455885363820143604871457319934368395",
                    "183834353088520194114113814617482493833",
                    "67713296539483513808535468205446763404",
                    "226777703373263504429618803239687544287",
                    "217808704602626426821386411462298446926",
                    "131506312562035270890776141939719606472",
                    "154484923779217233892676667613345838946",
                    "257272419617703692796463588766278850469",
                    "282851622350716209326674316345405171431",
                    "298947769286978432309066078178472878393",
                    "282431242015797273047242031756341625872",
                    "26204269596150467919520423331056159017",
                    "290880021847565619423291360926600057955",
                    "231949036220121703014684570531010375016",
                    "126883458774049413660788293557227155494",
                    "53262969221578858500973573257275501782",
                    "15393262755005942988110036472065813717"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/gd_tiff.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae"
        },
        {
            "id": "CVE-2016-6911-75674dbe",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "51705874965360408895113973707220570798",
                    "338490049937993592134511052328150713676",
                    "198670533405584592456930307949755701390",
                    "184289285682504290365505367894561045662",
                    "312635667455914412941394297507631977459",
                    "164912364801540328250245857455151056404",
                    "14528537629477714123104826112842305275",
                    "174229576911298954313958189567804101011",
                    "325833405717297570262963559864233221923",
                    "317610442461629431391937423399079119428",
                    "120502324777701742226354058733936885617",
                    "241736327363884881656391957885907719249",
                    "285973232702347830150094530819225094026",
                    "101632286035458322189832322367820274795",
                    "39869547321120853841394121441751628056"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/gd_io_dp.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae"
        },
        {
            "id": "CVE-2016-6911-ebb30b67",
            "signature_type": "Function",
            "digest": {
                "function_hash": "153318254224435095221987322236657302014",
                "length": 403.0
            },
            "target": {
                "file": "src/gd_io_dp.c",
                "function": "dynamicGetbuf"
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae"
        }
    ]
}