gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP prior to 5.6.33, 7.0.x prior to 7.0.27, 7.1.x prior to 7.1.13, and 7.2.x prior to 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 7.2.0 |
||
php php |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 18.04 |