Intrusion Prevention

GD.Library.libgd.gd2.GetHeader.Integer.Overflow

Description

This indicates an attack attempt against an Integer Overflow vulnerability in Libgd.
The vulnerability is caused by an integer overflow in GD Graphics Library which leads to a heap overflow. By sending a specially crafted G2 file to the target, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.

Affected Products

GD Library libgd prior to 2.2.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/libgd/libgd/releases/tag/gd-2.2.3

CVE References

CVE-2016-5766