gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
https://access.redhat.com/errata/RHSA-2018:1296
https://access.redhat.com/errata/RHSA-2019:2519
https://bugs.php.net/bug.php?id=75571
https://lists.debian.org/debian-lts-announce/2018/01/msg00022.html
https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html
Source: MITRE
Published: 2018-01-16
Updated: 2019-10-03
Type: CWE-681
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.6.32 (inclusive)
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from 7.0.0 to 7.0.26 (inclusive)
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 7.1.12 (inclusive)
OR
OR
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
137966 | EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747) | Nessus | Huawei Local Security Checks | critical |
134850 | Slackware 14.2 / current : gd (SSA:2020-083-01) | Nessus | Slackware Local Security Checks | high |
132184 | EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649) | Nessus | Huawei Local Security Checks | critical |
131674 | EulerOS 2.0 SP2 : gd (EulerOS-SA-2019-2521) | Nessus | Huawei Local Security Checks | high |
129178 | EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1984) | Nessus | Huawei Local Security Checks | high |
98824 | PHP 5.6.x < 5.6.33 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium |
123424 | GLSA-201903-18 : GD: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
121483 | Debian DLA-1651-1 : libgd2 security update | Nessus | Debian Local Security Checks | high |
98865 | PHP 7.2.x < 7.2.1 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium |
98858 | PHP 7.1.x < 7.1.13 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium |
98846 | PHP 7.0.x < 7.0.27 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium |
120264 | Fedora 28 : gd (2018-1aeac808ce) | Nessus | Fedora Local Security Checks | medium |
120015 | SUSE SLES12 Security Update : php7 (SUSE-SU-2018:0308-1) | Nessus | SuSE Local Security Checks | medium |
120013 | SUSE SLES12 Security Update : php5 (SUSE-SU-2018:0216-1) | Nessus | SuSE Local Security Checks | medium |
112150 | Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GD vulnerabilities (USN-3755-1) | Nessus | Ubuntu Local Security Checks | medium |
108836 | Fedora 26 : gd (2018-331af74020) | Nessus | Fedora Local Security Checks | medium |
108700 | Fedora 27 : gd (2018-ba81e4e4a0) | Nessus | Fedora Local Security Checks | medium |
108650 | SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0806-1) | Nessus | SuSE Local Security Checks | high |
106691 | Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-946) | Nessus | Amazon Linux Local Security Checks | medium |
106586 | Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2018-034-01) | Nessus | Slackware Local Security Checks | medium |
106550 | openSUSE Security Update : php7 (openSUSE-2018-119) | Nessus | SuSE Local Security Checks | medium |
106543 | openSUSE Security Update : gd (openSUSE-2018-109) | Nessus | SuSE Local Security Checks | medium |
106470 | SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2018:0260-1) | Nessus | SuSE Local Security Checks | medium |
106439 | SUSE SLES11 Security Update : gd (SUSE-SU-2018:0235-1) | Nessus | SuSE Local Security Checks | medium |
106434 | openSUSE Security Update : php5 (openSUSE-2018-99) | Nessus | SuSE Local Security Checks | medium |
106175 | Debian DLA-1248-1 : libgd2 security update | Nessus | Debian Local Security Checks | medium |
105774 | PHP 7.2.x < 7.2.1 Multiple Vulnerabilities | Nessus | CGI abuses | medium |
105773 | PHP 7.1.x < 7.1.13 Multiple Vulnerabilities | Nessus | CGI abuses | medium |
105772 | PHP 7.0.x < 7.0.27 Multiple Vulnerabilities | Nessus | CGI abuses | medium |
105771 | PHP 5.6.x < 5.6.33 Multiple Vulnerabilities | Nessus | CGI abuses | medium |