Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-1903

Опубликовано: 19 янв. 2016
Источник: debian
EPSS Низкий

Описание

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php5fixed5.6.17+dfsg-1package
php5fixed5.6.14+dfsg-0+deb8u1jessiepackage
php5not-affectedwheezypackage
php5not-affectedsqueezepackage
php5.6fixed5.6.17+dfsg-1package
php7.0fixed7.0.2-1package
hhvmfixed3.12.11+dfsg-1package

Примечания

  • https://bugs.php.net/bug.php?id=70976

  • https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8

  • Fix in HHVM: https://github.com/facebook/hhvm/commit/f91abcc3b156823688c54158fc4fa36d87570afe

EPSS

Процентиль: 92%
0.08692
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-1903

CVSS3: 9.1
ubuntu
больше 9 лет назад

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

redhat логотип

CVE-2016-1903

redhat
больше 9 лет назад

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

nvd логотип

CVE-2016-1903

CVSS3: 9.1
nvd
больше 9 лет назад

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

github логотип

GHSA-xvcw-3rfr-7w27

CVSS3: 9.1
github
около 3 лет назад

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

fstec логотип

BDU:2016-00406

fstec
больше 9 лет назад

Уязвимость интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании или получить конфиденциальную информацию

EPSS

Процентиль: 92%
0.08692
Низкий