CVE-2016-5767 in GD Graphics Libraryinfo

Summary

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

06/23/2016

Disclosure

08/07/2016

Moderation

VulDB entry created

Entries

VDB-90633 (1)

CPE

ready

CWE

CWE-190 (Confirmed)

CVSS

8.8

EPSS

0.04623

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5767
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5767
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5767/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!