Description
The gdImageCreate function in the GD Graphics Library (aka libgd) before
2.2.4 allows remote attackers to cause a denial of service (system hang)
via an oversized image. (CVE-2016-9317)
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics
Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial
of service (application crash) via a crafted image file. (CVE-2016-10167)
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before
2.2.4 allows remote attackers to have unspecified impact via vectors
involving the number of horizontal and vertical chunks in an image.
(CVE-2016-10168)