{"id":"CVE-2016-6207","details":"Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.","modified":"2026-04-16T01:42:21.846418866Z","published":"2016-08-12T15:59:03.730Z","related":["SUSE-SU-2016:2303-1","SUSE-SU-2016:2408-1","SUSE-SU-2016:2460-1","SUSE-SU-2016:2460-2","openSUSE-SU-2024:10062-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/138174/LibGD-2.2.2-Integer-Overflow-Denial-Of-Service.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2750.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3630"},{"type":"ADVISORY","url":"http://www.securityfocus.com/archive/1/539100/100/0/threaded"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92080"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036535"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-3060-1"},{"type":"ADVISORY","url":"https://bugs.php.net/bug.php?id=72558"},{"type":"ADVISORY","url":"https://libgd.github.io/release-2.2.3.html"},{"type":"ADVISORY","url":"https://secunia.com/secunia_research/2016-9/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201612-09"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=72558"},{"type":"FIX","url":"http://www.securitytracker.com/id/1036535"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html"},{"type":"ARTICLE","url":"http://www.ubuntu.com/usn/USN-3060-1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"54356fd888f58524342f8e1aa2cf03dccf131701"},{"fixed":"bcd100d812b525c982cf75d6c6dabe839f61634a"},{"introduced":"90fc27f17abb5cb9c7006987fe53b62d66f981a7"},{"fixed":"c86338a35cda8514c8d2f38e62808f9bcfe0e4cb"},{"introduced":"cd4973d4acae08e6636843b8e706547b33658693"},{"fixed":"bcb96821bdb56d92e523a099a7079d141a853252"}]}],"database_specific":{"vanir_signatures":[{"id":"CVE-2016-6207-3da0fc9f","signature_version":"v1","deprecated":false,"target":{"file":"ext/standard/basic_functions.c"},"digest":{"threshold":0.9,"line_hashes":["198011536025072107975883186380452148843","331728417024842654446570071457159069395","205456331668105326830182380336029223146","164282985402725457749299583506046134408","320137256578601229186691392718001358014"]},"signature_type":"Line","source":"https://github.com/php/php-src/commit/c86338a35cda8514c8d2f38e62808f9bcfe0e4cb"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6207.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}