CVE-2017-7890

Published: 02/08/2017 | Updated: 04/05/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP prior to 5.6.31 and 7.x prior to 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.

Vulnerable Product

php php 7.0.0

php php 7.0.1

php php 7.0.8

php php 7.0.9

php php 7.0.17

php php 7.0.18

php php 7.1.4

php php 7.1.5

php php 7.0.2

php php 7.0.3

php php 7.0.10

php php 7.0.11

php php 7.0.19

php php 7.0.20

php php 7.1.6

php php

php php 7.0.6

php php 7.0.7

php php 7.0.15

php php 7.0.16

php php 7.1.2

php php 7.1.3

php php 7.0.4

php php 7.0.5

php php 7.0.12

php php 7.0.13

php php 7.0.14

php php 7.1.0

php php 7.1.1

Vendor Advisories

Debian Bug report logs - #869263 libgd2: CVE-2017-7890: Buffer over-read into uninitialized memory. Package: src:libgd2; Maintainer for src:libgd2 is GD Team <team+gd@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 22 Jul 2017 07:15:01 UTC; Severity: grave; Tags: fixed-upstream, pat ...
Synopsis: Moderate: rh-php70-php security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-php70-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabilit ...
Synopsis: Moderate: php security update. Type/Severity: Security Advisory: Moderate. Topic: An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which give ...
The system could be made to expose sensitive information ...
Matviy Kotoniy reported that the gdImageCreateFromGifCtx() function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a specially crafted file is processed. For the oldstab ...
Out-of-bounds heap write in bitset_set_range(): An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect s ...
A data leak was found in gdImageCreateFromGifCtx() in GD Graphics Library used in PHP before 5.6.31 and 7.1.7. An attacker could craft a malicious GIF image and read up to 762 bytes from stack ...
Tenable has released updates for SecurityCenter 5.3.2, 5.4.0, 5.4.2, 5.4.5, 5.5.0, and 5.5.1 to bring the version of PHP included with them to 5.6.31. PHP 5.6.31 addresses multiple vulnerabilities: CVE-2017-11142: In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service atta ...