Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5766

Опубликовано: 23 июн. 2016
Источник: redhat
CVSS3: 5.6
CVSS2: 5.1
EPSS Средний

Описание

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

An integer overflow flaw, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted GD2 image.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5gdWill not fix
Red Hat Enterprise Linux 5phpWill not fix
Red Hat Enterprise Linux 5php53Will not fix
Red Hat Enterprise Linux 6gdWill not fix
Red Hat Enterprise Linux 6phpWill not fix
Red Hat Enterprise Linux 8gdNot affected
Red Hat OpenShift Enterprise 2gdAffected
Red Hat Software Collectionsphp54-phpWill not fix
Red Hat Software Collectionsphp55-phpWill not fix
Red Hat Enterprise Linux 7phpFixedRHSA-2016:259803.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1351068gd: Integer overflow in _gd2GetHeader() resulting in heap overflow

EPSS

Процентиль: 95%
0.17588
Средний

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5766

CVSS3: 8.8
ubuntu
почти 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

nvd логотип

CVE-2016-5766

CVSS3: 8.8
nvd
почти 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

debian логотип

CVE-2016-5766

CVSS3: 8.8
debian
почти 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD G ...

github логотип

GHSA-54vf-4pr8-g7c8

CVSS3: 8.8
github
около 3 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

oracle-oval логотип

ELSA-2020-5443

oracle-oval
больше 4 лет назад

ELSA-2020-5443: gd security update (MODERATE)

EPSS

Процентиль: 95%
0.17588
Средний

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Уязвимость CVE-2016-5766