CVE-2014-2020
Published: 18 February 2014
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
Notes
Author | Note |
---|---|
mdeslaur | imagecrop was introduced in 5.5.0 |
Priority
Status
Package | Release | Status |
---|---|---|
php5 | lucid | Not vulnerable (5.3.2-1ubuntu4.22) |
php5 | precise | Not vulnerable (5.3.10-1ubuntu3.9) |
php5 | quantal | Not vulnerable (5.4.6-1ubuntu1.5) |
php5 | saucy | Released (5.5.3+dfsg-1ubuntu2.2) |
php5 | upstream | Released (5.5.9+dfsg-1) |

Patches:
upstream: https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01
upstream: https://github.com/php/php-src/commit/143bb29c1ac3f959f44b8fe59adef4d1840bc393
upstream: https://github.com/php/php-src/commit/8f4a5373bb71590352fd934028d6dde5bc18530b
upstream: https://github.com/php/php-src/commit/464c219ed4ebce6b9196cae308967ac7f7f58bde