Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-7456

Опубликовано: 07 авг. 2016
Источник: debian

Описание

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libgd2fixed2.1.1-1package
libgd2not-affectedwheezypackage
php7.0fixed7.0.7-1package
php5fixed5.6.22+dfsg-1package

Примечания

  • https://github.com/libgd/libgd/commit/4f65a3e4eedaffa1efcf9ee1eb08f0b504fbc31a (gd-2.1.1)

  • Starting with 5.4.0-1 Debian uses the system copy of libgd

  • PHP bug: https://bugs.php.net/bug.php?id=72227

  • Fixed in 7.0.7, 5.6.22, 5.5.36

  • https://www.openwall.com/lists/oss-security/2016/05/25/3

Связанные уязвимости

ubuntu логотип

CVE-2013-7456

CVSS3: 7.6
ubuntu
почти 9 лет назад

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

redhat логотип

CVE-2013-7456

redhat
почти 12 лет назад

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

nvd логотип

CVE-2013-7456

CVSS3: 7.6
nvd
почти 9 лет назад

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

github логотип

GHSA-f3c2-5v72-7m7f

CVSS3: 7.6
github
около 3 лет назад

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

suse-cvrf логотип

openSUSE-SU-2016:1688-1

suse-cvrf
почти 9 лет назад

Security update for php5