MGASA-2017-0086

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2016-10167 CVE-2016-10168 CVE-2016-9317

Published: 25 Mar 2017, 16:56

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Mar 2017, 16:56

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated libwmf packages fix security vulnerability The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. (CVE-2016-9317) The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. (CVE-2016-10167) Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. (CVE-2016-10168)

Affected Systems

mageia•libwmf
< 0.2.8.4-32.4.mga5

MGASA-2017-0086

Vulnerability Summary

Timeline

Description

Affected Systems

References (2)