CVE Vulnerabilities

CVE-2013-7226

Published: Feb 18, 2014 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.1 5.5.1
Php Php 5.5.5 5.5.5
Php Php 5.5.7 5.5.7
Php Php 5.5.0 5.5.0
Php Php 5.5.6 5.5.6
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.3 5.5.3
Php Php 5.5.8 5.5.8
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.4 5.5.4
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.0 5.5.0
Php Php 5.5.2 5.5.2
Php Php 5.5.0 5.5.0

References