PT-2016-3481 · Php+3 · Php+3

Fernando

Publicado

2016-05-27

Atualizado

2018-01-05

CVE-2013-7456

CVSS v3.1

7.6

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions GD Graphics Library versions prior to 2.1.1 PHP versions prior to 5.5.36 PHP versions 5.6.x prior to 5.6.22 PHP versions 7.x prior to 7.0.7

Description The issue allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

Recommendations For GD Graphics Library version prior to 2.1.1, update to version 2.1.1 or later. For PHP version prior to 5.5.36, update to version 5.5.36 or later. For PHP version 5.6.x prior to 5.6.22, update to version 5.6.22 or later. For PHP version 7.x prior to 7.0.7, update to version 7.0.7 or later.

Exploit

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2013-7456

DSA-3587-1

DSA-3602-1

OPENSUSE-SU-2016_1553-1

RHSA-2016:2750

SUSE-SU-2016:1633-1

SUSE-SU-2016_1633-1

USN-3030-1

Produtos afetados

Gd Graphics Library

Php

Suse

Ubuntu

PT-2016-3481 · Php+3 · Php+3

CVE-2013-7456

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 46