Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8877

Опубликовано: 13 июл. 2015
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5gdNot affected
Red Hat Enterprise Linux 5phpNot affected
Red Hat Enterprise Linux 5php53Not affected
Red Hat Enterprise Linux 6gdNot affected
Red Hat Enterprise Linux 6phpNot affected
Red Hat Enterprise Linux 7gdNot affected
Red Hat Enterprise Linux 7phpNot affected
Red Hat Software Collectionsphp54-phpNot affected
Red Hat Software Collectionsphp55-phpWill not fix
Red Hat Software Collections for Red Hat Enterprise Linux 6rh-php56FixedRHSA-2016:275015.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-772
https://bugzilla.redhat.com/show_bug.cgi?id=1338907gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches

EPSS

Процентиль: 84%
0.0231
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8877

CVSS3: 7.5
ubuntu
около 9 лет назад

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

nvd логотип

CVE-2015-8877

CVSS3: 7.5
nvd
около 9 лет назад

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

debian логотип

CVE-2015-8877

CVSS3: 7.5
debian
около 9 лет назад

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graph ...

github логотип

GHSA-pw83-9cfw-pfm6

CVSS3: 7.5
github
около 3 лет назад

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

fstec логотип

BDU:2016-01473

fstec
около 9 лет назад

Уязвимость интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 84%
0.0231
Низкий

2.6 Low

CVSS2