Описание
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Пакеты
Пакет | Статус | Версия исправления | Релиз | Тип |
---|---|---|---|---|
libgd2 | fixed | 2.2.1-1 | package | |
php5 | fixed | 5.6.12+dfsg-1 | package | |
php5 | fixed | 5.6.12+dfsg-0+deb8u1 | jessie | package |
php7.0 | fixed | 7.0.0-1 | package |
Примечания
https://github.com/libgd/libgd/commit/38241013cc048af7c03daf6e9a75b4f42bffb200
PHP bug: https://bugs.php.net/bug.php?id=66387
Fixed in 5.6.12, 7.0.0
Starting with 5.4.0-1 Debian uses the system copy of libgd
EPSS
Связанные уязвимости
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Уязвимость библиотеки GD интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании
EPSS