CVE-2016-9933
Published: 4 January 2017
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
Notes
Author | Note |
---|---|
mdeslaur | php uses the system libgd2 |
Priority
Status
Package | Release | Status |
---|---|---|
libgd2 Launchpad, Ubuntu, Debian |
precise |
Released
(2.0.36~rc1~dfsg-6ubuntu2.4)
|
trusty |
Released
(2.1.0-3ubuntu0.6)
|
|
upstream |
Released
(2.2.2)
|
|
xenial |
Released
(2.1.1-4ubuntu0.16.04.6)
|
|
yakkety |
Released
(2.2.1-1ubuntu3.3)
|
|
Patches: upstream: https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e |
||
php5 Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
(uses system gd)
|
trusty |
Not vulnerable
(uses system gd)
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
php7.0 Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(uses system gd)
|
|
yakkety |
Not vulnerable
(uses system gd)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |