HTTP: GD Graphics Library PNG Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the GD Graphics Library. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
The GD Graphics Library (gdlib) is affected by an integer overflow that facilitates a heap overflow. This issue is due to the library's failure to do proper sanity checking on size values contained within image-format files. An attacker may leverage this issue to manipulate process heap memory, potentially leading to code execution and compromise of the computer running the affected library.
Affected Products
Avaya s8500,Turbolinux fuji
Short Name
HTTP:GD-GRAPHICS-PNG
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2004-0941 GD Graphics Library Overflow PNG bid:11523
Release Date
07/09/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Trustix
Openpkg
Rpath
Turbolinux
Avaya
Sgi
Ubuntu
Mandriva
Gd_graphics_library
CVSS Score
10.0