Lucene search
RootSSV:61842HistoryMar 19, 2014 - 12:00 a.m.
PHP "gdImageCreateFromXpm()"空指针间接引用漏洞
2014-03-1900:00:00
Root
www.seebug.org
35
0.01 Low
EPSS
Percentile
83.5%
CVE ID: CVE-2014-2497
PHP是一种HTML内嵌式的语言。
PHP 5.4.26、5.5.10版本在 "gdImageCreateFromXpm()" 函数 (ext/gd/libgd/gdxpm.c)的实现上存在空指针间接引用错误,攻击者通过特制的XPM文件,利用此漏洞可造成崩溃。
0
PHP PHP 5.5.10
PHP PHP 5.4.26
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.php.net/downloads.php
https://bugs.php.net/bug.php?id=66901
Related
securityvulns
securityvulns
libgd / PHP DoS
2014-07-22 00:00:00
[ MDVSA-2014:133 ] gd
2014-07-22 00:00:00
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-07 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0288)
2022-01-28 00:00:00
Fedora Update for gd FEDORA-2015-0432
2015-01-19 00:00:00
Fedora Update for gd FEDORA-2015-0503
2015-01-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:04
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
fedora
fedora
[SECURITY] Fedora 20 Update: gd-2.1.0-8.fc20
2015-01-20 21:03:19
[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21
2015-01-19 01:34:38
[SECURITY] Fedora 20 Update: gd-2.1.0-6.fc20
2014-08-15 02:31:57
nessus
nessus
Fedora 20 : gd-2.1.0-8.fc20 (2015-0503)
2015-01-21 00:00:00
Mandriva Linux Security Advisory : gd (MDVSA-2014:133)
2014-07-11 00:00:00
Fedora 20 : gd-2.1.0-6.fc20 (2014-8458)
2014-08-15 00:00:00
cvelist
cvelist
CVE-2014-2497
2014-03-21 14:00:00
mageia
mageia
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
ubuntucve
ubuntucve
CVE-2014-2497
2014-03-21 00:00:00
prion
prion
Null pointer dereference
2014-03-21 14:55:00
nvd
nvd
CVE-2014-2497
2014-03-21 14:55:12
seebug
seebug
php-gd 'gdxpm.c'空指针拒绝服务漏洞
2014-03-17 00:00:00
debiancve
debiancve
CVE-2014-2497
2014-03-21 14:55:12
cve
cve
CVE-2014-2497
2014-03-21 14:55:12
debian
debian
[SECURITY] [DLA 189-1] libgd2 security update
2015-04-08 17:24:39
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-05 02:05:05
Security update for php53 (important)
2014-07-04 01:04:18
osv
osv
libgd2 - security update
2015-04-08 00:00:00
libgd2 - security update
2015-04-06 00:00:00
gentoo
gentoo
GD: Multiple vulnerabilities
2016-07-16 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
amazon
amazon
Medium: php55
2014-09-18 21:03:00
cloudfoundry
cloudfoundry
USN-2987-1 GD library vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
ubuntu
ubuntu
GD library vulnerabilities
2016-05-31 00:00:00
f5
f5
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
php security and bug fix update
2015-06-23 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45