Intrusion Prevention

GD.Library.libgd.Heap.Buffer.Overflow

Description

This indicates an attack attempt against a heap-based Buffer Overflow vulnerability in Libgd.
The vulnerability is caused by an integer signedness error in GD Graphics Library. By sending a specially crafted G2 request to the target, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Affected Products

GD Library libgd 2.1.1 prior to 2bb97f407c1145c850416a3bfbcc8cf124e68a19 commit

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19

CVE References

CVE-2016-3074