CVE-2016-9933 in macOSinfo

Summary

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/12/2016

Disclosure

01/04/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
95944Apple macOS apache_mod_php memory corruption119Not definedOfficial fixCVE-2016-9933
95038GD Graphics Library gd.c gdImageFillToBorder memory corruption119Not definedOfficial fixCVE-2016-9933
93601PHP WDDX null pointer dereference476Not definedOfficial fixCVE-2016-9933
93600PHP Userspace Stream use after free416Not definedOfficial fixCVE-2016-9933
93599PHP SPL use after free416Not definedOfficial fixCVE-2016-9933
93598PHP IMAP Extension _php_imap_mail integer coercion192Not definedOfficial fixCVE-2016-9933
93597PHP GD Extension imagefilltoborder memory corruption119Not definedOfficial fixCVE-2016-9933
93596PHP GD Extension gdImageAALine memory corruption119Not definedOfficial fixCVE-2016-9933
93595PHP GD Extension dynamicGetbuf memory corruption119Not definedOfficial fixCVE-2016-9933
93594PHP GD Extension gdImageScaleBilinearPalette integer coercion192Not definedOfficial fixCVE-2016-9933
93593PHP GD Extension imageline integer coercion192Not definedOfficial fixCVE-2016-9933

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!