Vulnerability CVE-2007-2756

Vulnerability Name:

CVE-2007-2756 (CCN-34420)

Assigned:

2007-05-16

Published:

2007-05-16

Updated:

2017-10-11

Summary:

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-Other
CWE-835

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: libgd Bug FS#86
Possible infinite loop in libgd/gd_png.c (inside png_set_read_fn() callback) with truncated input

Source: CONFIRM
Type: Patch
http://bugs.libgd.org/?do=details&task_id=86

Source: MITRE
Type: CNA
CVE-2007-2756

Source: CCN
Type: HP Security Bulletin HPSBUX02262 SSRT071447
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)

Source: HP
Type: UNKNOWN
SSRT071447

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:044

Source: OSVDB
Type: UNKNOWN
35788

Source: OSVDB
Type: UNKNOWN
36643

Source: CCN
Type: RHSA-2007-0889
Moderate: php security update

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0889

Source: CCN
Type: RHSA-2007-0890
Moderate: php security update

Source: CCN
Type: RHSA-2007-0891
Moderate: php security update

Source: CCN
Type: RHSA-2008-0146
Moderate: gd security update

Source: SECUNIA
Type: UNKNOWN
25353

Source: CCN
Type: SA25362
GD Graphics Library Truncated PNG Data Denial of Service

Source: SECUNIA
Type: UNKNOWN
25362

Source: CCN
Type: SA25378
PHP "gdPngReadData()" Truncated PNG Data Denial of Service

Source: SECUNIA
Type: UNKNOWN
25378

Source: SECUNIA
Type: UNKNOWN
25535

Source: SECUNIA
Type: UNKNOWN
25575

Source: SECUNIA
Type: UNKNOWN
25590

Source: SECUNIA
Type: UNKNOWN
25646

Source: SECUNIA
Type: UNKNOWN
25657

Source: SECUNIA
Type: UNKNOWN
25658

Source: SECUNIA
Type: UNKNOWN
25787

Source: CCN
Type: SA25855
GD Graphics Library Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
25855

Source: SECUNIA
Type: UNKNOWN
26048

Source: SECUNIA
Type: UNKNOWN
26231

Source: SECUNIA
Type: UNKNOWN
26390

Source: SECUNIA
Type: UNKNOWN
26871

Source: SECUNIA
Type: UNKNOWN
26895

Source: SECUNIA
Type: UNKNOWN
26930

Source: SECUNIA
Type: UNKNOWN
26967

Source: SECUNIA
Type: UNKNOWN
27037

Source: SECUNIA
Type: UNKNOWN
27102

Source: SECUNIA
Type: UNKNOWN
27110

Source: CCN
Type: SA27545
Avaya Products PHP Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
27545

Source: SECUNIA
Type: UNKNOWN
29157

Source: SECUNIA
Type: UNKNOWN
30168

Source: GENTOO
Type: UNKNOWN
GLSA-200708-05

Source: GENTOO
Type: UNKNOWN
GLSA-200711-34

Source: GENTOO
Type: UNKNOWN
GLSA-200805-13

Source: CCN
Type: SECTRACK ID: 1018187
PHP Infinite Loop in imagecreatefrompng() Lets Users Deny Service

Source: SLACKWARE
Type: UNKNOWN
SSA:2007-152-01

Source: CCN
Type: ASA-2007-416
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) (HPSBUX02262)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm

Source: CCN
Type: ASA-2007-449
PHP security updates (RHSA-2007-0888 RHSA-2007-0889 & RHSA-2007-0890)

Source: CCN
Type: ASA-2007-478
PHP security update (RHSA-2007-0891)

Source: CCN
Type: ASA-2008-099
gd security update (RHSA-2008-0146)

Source: CCN
Type: GLSA-200708-05
GD: Multiple vulnerabilities

Source: CCN
Type: GLSA-200710-02
PHP: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200710-02

Source: CCN
Type: GLSA-200711-34
CSTeX: Multiple vulnerabilities

Source: CCN
Type: GLSA-200805-13
PTeX: Multiple vulnerabilities

Source: CCN
Type: GD Graphics Library Web site
Main Page - LibGD

Source: CONFIRM
Type: UNKNOWN
http://www.libgd.org/ReleaseNote020035

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:122

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:123

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:124

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:187

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:013

Source: CCN
Type: OpenPKG-SA-2007.020
PHP

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2007.020

Source: CCN
Type: OSVDB ID: 35788
GD Graphics Library (libgd) gdPngReadData() Function Truncated PNG Handling DoS

Source: CCN
Type: OSVDB ID: 36643
GD Graphics Library (libgd) gdPngReadData() Function Truncated PNG Data Handling DoS

Source: CCN
Type: PHP Web site
PHP 5.2.3 Release Announcement

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/releases/5_2_3.php

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0890

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0891

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0146

Source: BID
Type: UNKNOWN
24089

Source: CCN
Type: BID-24089
GD Graphics Library PNG File Processing Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018187

Source: TRUSTIX
Type: UNKNOWN
2007-0019

Source: TRUSTIX
Type: UNKNOWN
2007-0023

Source: CCN
Type: TLSA-2007-40
libwmf denial of service

Source: CCN
Type: USN-473-1
libgd2 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-473-1

Source: VUPEN
Type: UNKNOWN
ADV-2007-1904

Source: VUPEN
Type: UNKNOWN
ADV-2007-1905

Source: VUPEN
Type: UNKNOWN
ADV-2007-2016

Source: VUPEN
Type: UNKNOWN
ADV-2007-2336

Source: VUPEN
Type: UNKNOWN
ADV-2007-3386

Source: XF
Type: UNKNOWN
gd-gdpngreaddata-dos(34420)

Source: XF
Type: UNKNOWN
gd-gdpngreaddata-dos(34420)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1394

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10779

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-709

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2215

Source: SUSE
Type: SUSE-SR:2007:013
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:libgd:libgd:2.0.34:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42310	P	Security update for curl (Important)	2022-07-07
oval:org.opensuse.security:def:20072756	V	CVE-2007-2756	2022-06-30
oval:org.opensuse.security:def:112273	P	gd-2.3.3-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31370	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:31371	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:26185	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:33057	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:26171	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:26161	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:32209	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:105799	P	gd-2.3.3-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:32190	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:26132	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:31680	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:31259	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:26108	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:42112	P	Security update for krb5 (Important)	2021-08-20
oval:org.opensuse.security:def:31239	P	Security update for dbus-1 (Important)	2021-08-02
oval:org.opensuse.security:def:32146	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26083	P	Security update for zziplib (Moderate)	2021-06-25
oval:org.opensuse.security:def:32124	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:36133	P	gd-2.0.36.RC1-52.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36408	P	gd-devel-2.0.36.RC1-52.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42540	P	gd-2.0.36.RC1-52.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31631	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:31185	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31627	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:31174	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:31173	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:32085	P	Security update for tomcat (Important)	2021-04-29
oval:org.opensuse.security:def:31611	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:26032	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:26024	P	Security update for xen (Important)	2021-04-06
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31736	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:32265	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:31331	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:26030	P	Security update for php72 (Moderate)	2021-01-14
oval:org.opensuse.security:def:33096	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:31685	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:32828	P	Security update for python36 (Important)	2020-12-11
oval:org.opensuse.security:def:35903	P	gd-2.0.36.RC1-52.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25969	P	Security update for xen (Important)	2020-12-03
oval:org.opensuse.security:def:35553	P	gd-2.0.36.RC1-52.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35705	P	gd-2.0.36.RC1-52.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41960	P	gd-2.0.36.RC1-52.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25967	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:31022	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25541	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31980	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26689	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25886	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25681	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31927	P	Security update for giflib (Moderate)	2020-12-01
oval:org.opensuse.security:def:26902	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25104	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31107	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25879	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:32314	P	Security update for rpcbind (Moderate)	2020-12-01
oval:org.opensuse.security:def:27371	P	augeas-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31382	P	Security update for openvpn	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31993	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25116	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26312	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:32375	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:25454	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:31588	P	Security update for tcpdump (Moderate)	2020-12-01
oval:org.opensuse.security:def:26534	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25988	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:32670	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25957	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25308	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26400	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25529	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26670	P	apache2-mod_php5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25446	P	Security update for nfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:32036	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26458	P	Security update for phpMyAdmin (Moderate)	2020-12-01
oval:org.opensuse.security:def:25738	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31797	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31599	P	Security update for tiff (Low)	2020-12-01
oval:org.opensuse.security:def:25833	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27131	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25256	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:25822	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32479	P	LibVNCServer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26299	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25268	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:31483	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26587	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25880	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25683	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:32867	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31021	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25460	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31824	P	Security update for bash (Low)	2020-12-01
oval:org.opensuse.security:def:26675	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26553	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25758	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31966	P	Security update for icu (Important)	2020-12-01
oval:org.opensuse.security:def:31888	P	Security update for evince (Moderate)	2020-12-01
oval:org.opensuse.security:def:26867	P	ark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31033	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25598	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26733	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25734	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31949	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25105	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:32353	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27406	P	gd-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25453	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31456	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:26383	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:25974	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32631	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25180	P	Security update for file-roller (Moderate)	2020-12-01
oval:org.opensuse.security:def:31388	P	Security update for openwsman (Important)	2020-12-01
oval:org.opensuse.security:def:26361	P	Security update for kopete (Low)	2020-12-01
oval:org.opensuse.security:def:32419	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:25465	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:25389	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31783	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26414	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:25657	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:32053	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31775	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26705	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25530	P	Security update for virglrenderer (Important)	2020-12-01
oval:org.opensuse.security:def:27096	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25795	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25783	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31841	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:31600	P	Security update for tightvnc (Important)	2020-12-01
oval:org.opensuse.security:def:26242	P	Security update for ibus (Important)	2020-12-01
oval:org.opensuse.security:def:25257	P	Security update for apache2-mod_auth_openidc (Moderate)	2020-12-01
oval:org.opensuse.security:def:31391	P	Security update for pam (Moderate)	2020-12-01
oval:org.opensuse.security:def:26259	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:25836	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32518	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25682	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:31475	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:25332	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:31540	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:26636	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26518	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25694	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31909	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31839	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26229	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.mitre.oval:def:21803	P	ELSA-2008:0146: gd security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22339	P	ELSA-2007:0890: php security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:10779	V	The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.	2013-04-29
oval:com.redhat.rhsa:def:20080146	P	RHSA-2008:0146: gd security update (Moderate)	2008-02-28
oval:com.redhat.rhsa:def:20070889	P	RHSA-2007:0889: php security update (Moderate)	2007-09-26
oval:com.redhat.rhsa:def:20070890	P	RHSA-2007:0890: php security update (Moderate)	2007-09-20

BACK