Описание
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.5.9+dfsg-1ubuntu1 |
| lucid | not-affected | 5.3.2-1ubuntu4.22 |
| precise | not-affected | 5.3.10-1ubuntu3.9 |
| quantal | not-affected | 5.4.6-1ubuntu1.5 |
| saucy | released | 5.5.3+dfsg-1ubuntu2.2 |
| upstream | released | 5.5.9+dfsg-1 |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Multiple integer signedness errors in the gdImageCrop function in ext/ ...
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
EPSS
5.8 Medium
CVSS2