CVE-2016-7568 in GD Graphics Libraryinfo

Summary

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

09/09/2016

Disclosure

09/28/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-190

CVSS

9.8

EPSS

0.03421

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7568
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7568
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7568/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!