CVE-2016-10167
MEDIUMLibgd < 2.2.3 - Improper Input Validation
Title source: ruleDescription
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
References (10)
Scores
CVSS v3
5.5
EPSS
0.0097
EPSS Percentile
76.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Classification
CWE
CWE-20
Status
published
Affected Products (2)
libgd/libgd
< 2.2.3
n/a/n/a
Timeline
Published
Mar 15, 2017
Tracked Since
Feb 18, 2026