Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5767

Опубликовано: 23 июн. 2016
Источник: redhat
CVSS3: 5.6
CVSS2: 5.1
EPSS Низкий

Описание

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

An integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted image buffer.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5gdNot affected
Red Hat Enterprise Linux 5phpWill not fix
Red Hat Enterprise Linux 5php53Will not fix
Red Hat Enterprise Linux 6gdNot affected
Red Hat Enterprise Linux 6phpWill not fix
Red Hat Enterprise Linux 7gdNot affected
Red Hat Enterprise Linux 8gdNot affected
Red Hat OpenShift Enterprise 2gdNot affected
Red Hat Software Collectionsphp54-phpWill not fix
Red Hat Software Collectionsphp55-phpWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1351069gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow

EPSS

Процентиль: 89%
0.04623
Низкий

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5767

CVSS3: 8.8
ubuntu
почти 9 лет назад

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

nvd логотип

CVE-2016-5767

CVSS3: 8.8
nvd
почти 9 лет назад

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

debian логотип

CVE-2016-5767

CVSS3: 8.8
debian
почти 9 лет назад

Integer overflow in the gdImageCreate function in gd.c in the GD Graph ...

github логотип

GHSA-8h88-m6m2-5756

CVSS3: 8.8
github
около 3 лет назад

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

oracle-oval логотип

ELSA-2016-2598

oracle-oval
больше 8 лет назад

ELSA-2016-2598: php security and bug fix update (MODERATE)

EPSS

Процентиль: 89%
0.04623
Низкий

5.6 Medium

CVSS3

5.1 Medium

CVSS2