PT-2014-3368 · PHP · PHP

Vincent Danen · Published 2014-02-18 · Updated 2014-03-08 · CVE-2013-7328

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.5.9

Description: The issue is related to multiple integer signedness errors in the gdImageCrop function, which can be exploited by remote attackers to cause a denial of service or obtain sensitive information. This can be achieved by making an imagecrop function call with a negative value for the x or y dimension.

Recommendations: For versions prior to 5.5.9, update to version 5.5.9 or later to resolve the issue. As a temporary workaround, consider restricting the input values for the x and y dimensions in the imagecrop function to prevent negative values.
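
One way to apply the temporary workaround, as an added example (not code from this advisory or from the PHP project). The helper names validate_crop_rect() and safe_imagecrop() are hypothetical, and the example goes slightly beyond the advisory by also checking width, height and image bounds.

```php
<?php
// Added example: validate_crop_rect() and safe_imagecrop() are hypothetical
// helper names, not part of PHP or of this advisory.

function validate_crop_rect(array $rect, int $imgW, int $imgH): array
{
    $clean = [];
    foreach (['x', 'y', 'width', 'height'] as $key) {
        // Offsets must be >= 0 (the advisory's workaround); sizes must be >= 1.
        $min = ($key === 'x' || $key === 'y') ? 0 : 1;
        $value = filter_var($rect[$key] ?? null, FILTER_VALIDATE_INT,
            ['options' => ['min_range' => $min]]);
        if ($value === false) {
            throw new InvalidArgumentException("crop field '$key' is missing, non-integer or below $min");
        }
        $clean[$key] = $value;
    }
    // Bounds check by subtraction so that x + width cannot overflow.
    if ($clean['x'] >= $imgW || $clean['width'] > $imgW - $clean['x']
        || $clean['y'] >= $imgH || $clean['height'] > $imgH - $clean['y']) {
        throw new OutOfRangeException('crop rectangle lies outside the image');
    }
    return $clean;
}

function safe_imagecrop($image, array $rect)
{
    // Only a validated rectangle ever reaches imagecrop().
    return imagecrop($image, validate_crop_rect($rect, imagesx($image), imagesy($image)));
}

// Constructed sample requests, checked against a 100x80 image (no GD needed here).
$samples = [
    'valid'      => ['x' => 10, 'y' => 5, 'width' => 50, 'height' => 40],
    'negative x' => ['x' => -1, 'y' => 0, 'width' => 50, 'height' => 40],
    'negative y' => ['x' => 0, 'y' => '-20', 'width' => 50, 'height' => 40],
    'too wide'   => ['x' => 60, 'y' => 0, 'width' => 50, 'height' => 40],
];
foreach ($samples as $label => $rect) {
    try {
        validate_crop_rect($rect, 100, 80);
        echo "$label: accepted\n";
    } catch (InvalidArgumentException | OutOfRangeException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```

Route every caller that passes request-derived crop coordinates through the wrapper until the runtime is upgraded to 5.5.9 or later.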

Fix

DoS


Weakness Enumeration

Related Identifiers: CVE-2013-7328

Affected Products: PHP