CVE-2014-9709 in GDinfo

Summary

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/23/2015

Disclosure

03/30/2015

Moderation

VulDB entry created

Entries

VDB-74528 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

5.3

EPSS

0.16543

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9709
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9709
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9709/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!