Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5766

Опубликовано: 23 июн. 2016
Источник: redhat
CVSS3: 5.6
CVSS2: 5.1

Описание

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

An integer overflow flaw, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted GD2 image.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5gdWill not fix
Red Hat Enterprise Linux 5phpWill not fix
Red Hat Enterprise Linux 5php53Will not fix
Red Hat Enterprise Linux 6gdWill not fix
Red Hat Enterprise Linux 6phpWill not fix
Red Hat Enterprise Linux 8gdNot affected
Red Hat OpenShift Enterprise 2gdAffected
Red Hat Software Collectionsphp54-phpWill not fix
Red Hat Software Collectionsphp55-phpWill not fix
Red Hat Enterprise Linux 7phpFixedRHSA-2016:259803.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1351068gd: Integer overflow in _gd2GetHeader() resulting in heap overflow

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5766

CVSS3: 8.8
ubuntu
около 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

nvd логотип

CVE-2016-5766

CVSS3: 8.8
nvd
около 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

debian логотип

CVE-2016-5766

CVSS3: 8.8
debian
около 9 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD G ...

github логотип

GHSA-54vf-4pr8-g7c8

CVSS3: 8.8
github
больше 3 лет назад

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

oracle-oval логотип

ELSA-2020-5443

oracle-oval
больше 4 лет назад

ELSA-2020-5443: gd security update (MODERATE)

5.6 Medium

CVSS3

5.1 Medium

CVSS2