Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-8670

Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.

Published

2017-01-04T20:59:00.293

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	libgd	libgd	≤ 2.2.3	Yes
Application	php	php	≤ 5.6.27	No
Application	php	php	7.0.0	No
Application	php	php	7.0.1	No
Application	php	php	7.0.2	No
Application	php	php	7.0.3	No
Application	php	php	7.0.4	No
Application	php	php	7.0.5	No
Application	php	php	7.0.6	No
Application	php	php	7.0.7	No
Application	php	php	7.0.8	No
Application	php	php	7.0.9	No
Application	php	php	7.0.10	No
Application	php	php	7.0.11	No
Application	php	php	7.0.12	No

References

http://www.debian.org/security/2016/dsa-3693 ([email protected])
http://www.openwall.com/lists/oss-security/2016/10/15/1 Third Party Advisory ([email protected])
http://www.php.net/ChangeLog-5.php Release Notes, Vendor Advisory ([email protected])
http://www.php.net/ChangeLog-7.php Release Notes, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/93594 ([email protected])
https://bugs.php.net/bug.php?id=73280 Vendor Advisory ([email protected])
https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9 Vendor Advisory ([email protected])
https://support.f5.com/csp/article/K21336065?utm_source=f5support&amp%3Butm_medium=RSS ([email protected])
http://www.debian.org/security/2016/dsa-3693 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/10/15/1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/ChangeLog-5.php Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/ChangeLog-7.php Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/93594 (af854a3a-2127-422b-91ae-364da2661108)
https://bugs.php.net/bug.php?id=73280 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/csp/article/K21336065?utm_source=f5support&amp%3Butm_medium=RSS (af854a3a-2127-422b-91ae-364da2661108)