The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) prior to 2.2.0, as used in PHP prior to 5.6.12, uses inconsistent allocate and free approaches, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libgd libgd |
||
php php |