Gogil

**Name of the Vulnerable Software and Affected Versions** OpenJPEG versions prior to 53.0.2785.89 Google Chrome versions prior to 53.0.2785.89 on Windows and OS X Google Chrome versions prior to 53.0.2785.92 on Linux **Description** The issue is caused by multiple integer overflows in the `opj tcd init tile` function in `tcd.c` in OpenJPEG, which is used in PDFium in Google Chrome and Opera. This allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. **Recommendations** For OpenJPEG versions prior to 53.0.2785.89, update to version 53.0.2785.89 or later to resolve the issue. For Google Chrome versions prior to 53.0.2785.89 on Windows and OS X, update to version 53.0.2785.89 or later to resolve the issue. For Google Chrome versions prior to 53.0.2785.92 on Linux, update to version 53.0.2785.92 or later to resolve the issue. As a temporary workaround, consider disabling the use of JPEG 2000 data in affected applications until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GD Graphics Library versions prior to 2.0.34RC1 PHP versions prior to 5.5.37 PHP versions 5.6.x prior to 5.6.23 PHP versions 7.x prior to 7.0.8 **Description** The issue is related to an integer overflow in the `gdImageCreate` function, which can be exploited by remote attackers using crafted image dimensions. This can lead to a denial of service, causing a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. **Recommendations** For GD Graphics Library versions prior to 2.0.34RC1, update to version 2.0.34RC1 or later. For PHP versions prior to 5.5.37, update to version 5.5.37 or later. For PHP versions 5.6.x prior to 5.6.23, update to version 5.6.23 or later. For PHP versions 7.x prior to 7.0.8, update to version 7.0.8 or later.

**Name of the Vulnerable Software and Affected Versions** GD Graphics Library versions prior to 2.2.3 PHP versions prior to 5.5.37 PHP versions 5.6.x prior to 5.6.23 PHP versions 7.x prior to 7.0.8 **Description** The issue is related to an integer overflow in the ` gd2GetHeader` function, which can be exploited by remote attackers using crafted chunk dimensions in an image. This can lead to a denial of service, causing a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. **Recommendations** For GD Graphics Library versions prior to 2.2.3, update to version 2.2.3 or later. For PHP versions prior to 5.5.37, update to version 5.5.37 or later. For PHP versions 5.6.x prior to 5.6.23, update to version 5.6.23 or later. For PHP versions 7.x prior to 7.0.8, update to version 7.0.8 or later.