Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 allow remote malicious users to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 5.5.0 |
||
php php 5.5.1 |
||
php php 5.5.5 |
||
php php 5.5.7 |
||
php php 5.5.6 |
||
php php 5.5.3 |
||
php php 5.5.8 |
||
php php 5.5.4 |
||
php php 5.5.2 |