Vulnerability-Lookup

CVE-2016-5767 (GCVE-0-2016-5767)

Vulnerability from cvelistv5 – Published: 2016-08-07 10:00 – Updated: 2024-08-06 01:15

Summary

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2016-0…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2750.html	vendor-advisoryx_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2598.html	vendor-advisoryx_refsource_REDHAT
	http://php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/06/23/4	mailing-listx_refsource_MLIST
	http://php.net/ChangeLog-7.php	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
	https://bugs.php.net/bug.php?id=72446	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/bid/91395	vdb-entryx_refsource_BID
	http://github.com/php/php-src/commit/c395c6e5d7e8…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:08.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1761",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
          },
          {
            "name": "openSUSE-SU-2016:1922",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
          },
          {
            "name": "RHSA-2016:2750",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
          },
          {
            "name": "RHSA-2016:2598",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://php.net/ChangeLog-5.php"
          },
          {
            "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://php.net/ChangeLog-7.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=72446"
          },
          {
            "name": "SUSE-SU-2016:2013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
          },
          {
            "name": "91395",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91395"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1761",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
        },
        {
          "name": "openSUSE-SU-2016:1922",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
        },
        {
          "name": "RHSA-2016:2750",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
        },
        {
          "name": "RHSA-2016:2598",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://php.net/ChangeLog-5.php"
        },
        {
          "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://php.net/ChangeLog-7.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=72446"
        },
        {
          "name": "SUSE-SU-2016:2013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
        },
        {
          "name": "91395",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91395"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5767",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1761",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
            },
            {
              "name": "openSUSE-SU-2016:1922",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
            },
            {
              "name": "RHSA-2016:2750",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
            },
            {
              "name": "RHSA-2016:2598",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
            },
            {
              "name": "http://php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "url": "http://php.net/ChangeLog-5.php"
            },
            {
              "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
            },
            {
              "name": "http://php.net/ChangeLog-7.php",
              "refsource": "CONFIRM",
              "url": "http://php.net/ChangeLog-7.php"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=72446",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=72446"
            },
            {
              "name": "SUSE-SU-2016:2013",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
            },
            {
              "name": "91395",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91395"
            },
            {
              "name": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1",
              "refsource": "CONFIRM",
              "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5767",
    "datePublished": "2016-08-07T10:00:00.000Z",
    "dateReserved": "2016-06-23T00:00:00.000Z",
    "dateUpdated": "2024-08-06T01:15:08.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2016-5767

Vulnerability from fkie_nvd - Published: 2016-08-07 10:59 - Updated: 2025-04-12 10:46

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
cve@mitre.org	http://php.net/ChangeLog-5.php	Release Notes
cve@mitre.org	http://php.net/ChangeLog-7.php	Release Notes
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-2598.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-2750.html
cve@mitre.org	http://www.openwall.com/lists/oss-security/2016/06/23/4	Release Notes
cve@mitre.org	http://www.securityfocus.com/bid/91395
cve@mitre.org	https://bugs.php.net/bug.php?id=72446
cve@mitre.org	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
af854a3a-2127-422b-91ae-364da2661108	http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://php.net/ChangeLog-5.php	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://php.net/ChangeLog-7.php	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2598.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2750.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/06/23/4	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91395
af854a3a-2127-422b-91ae-364da2661108	https://bugs.php.net/bug.php?id=72446
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

Impacted products

Vendor	Product	Version
libgd	libgd	*
php	php	*
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.0
php	php	5.6.1
php	php	5.6.2
php	php	5.6.3
php	php	5.6.4
php	php	5.6.5
php	php	5.6.6
php	php	5.6.7
php	php	5.6.8
php	php	5.6.9
php	php	5.6.10
php	php	5.6.11
php	php	5.6.12
php	php	5.6.13
php	php	5.6.14
php	php	5.6.15
php	php	5.6.16
php	php	5.6.17
php	php	5.6.18
php	php	5.6.19
php	php	5.6.20
php	php	5.6.21
php	php	5.6.22
php	php	7.0.0
php	php	7.0.1
php	php	7.0.2
php	php	7.0.3
php	php	7.0.4
php	php	7.0.5
php	php	7.0.6
php	php	7.0.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7221FE-C6E9-489E-A01B-D1A76E53F71D",
              "versionEndIncluding": "2.0.33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C85C39-7022-488D-8473-DB55CF456D7E",
              "versionEndIncluding": "5.5.36",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "90727984-6853-4348-B3CD-4869788117FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n gdImageCreate en gd.c en la GD Graphics Library (tambi\u00e9n conocido como libgd) en versiones anteriores a 2.0.34RC1, como se utiliza en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5.6.23 y 7.x en versiones anteriores a 7.0.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de dimensiones de imagen manipuladas."
    }
  ],
  "id": "CVE-2016-5767",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-07T10:59:14.960",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "http://php.net/ChangeLog-7.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/91395"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.php.net/bug.php?id=72446"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "http://php.net/ChangeLog-7.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.php.net/bug.php?id=72446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-5767

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-5767

Aliases

CVE-2016-5767

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-5767",
    "description": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.",
    "id": "GSD-2016-5767",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-5767.html",
      "https://access.redhat.com/errata/RHSA-2016:2750",
      "https://access.redhat.com/errata/RHSA-2016:2598",
      "https://advisories.mageia.org/CVE-2016-5767.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2016-5767.html",
      "https://linux.oracle.com/cve/CVE-2016-5767.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-5767"
      ],
      "details": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.",
      "id": "GSD-2016-5767",
      "modified": "2023-12-13T01:21:25.987816Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-5767",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2016:1761",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
          },
          {
            "name": "openSUSE-SU-2016:1922",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
          },
          {
            "name": "RHSA-2016:2750",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
          },
          {
            "name": "RHSA-2016:2598",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
          },
          {
            "name": "http://php.net/ChangeLog-5.php",
            "refsource": "CONFIRM",
            "url": "http://php.net/ChangeLog-5.php"
          },
          {
            "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
          },
          {
            "name": "http://php.net/ChangeLog-7.php",
            "refsource": "CONFIRM",
            "url": "http://php.net/ChangeLog-7.php"
          },
          {
            "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
          },
          {
            "name": "https://bugs.php.net/bug.php?id=72446",
            "refsource": "CONFIRM",
            "url": "https://bugs.php.net/bug.php?id=72446"
          },
          {
            "name": "SUSE-SU-2016:2013",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
          },
          {
            "name": "91395",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91395"
          },
          {
            "name": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1",
            "refsource": "CONFIRM",
            "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.33",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "5.5.36",
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5767"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.php.net/bug.php?id=72446",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugs.php.net/bug.php?id=72446"
            },
            {
              "name": "http://php.net/ChangeLog-7.php",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes"
              ],
              "url": "http://php.net/ChangeLog-7.php"
            },
            {
              "name": "http://php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes"
              ],
              "url": "http://php.net/ChangeLog-5.php"
            },
            {
              "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
              "refsource": "MLIST",
              "tags": [
                "Release Notes"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
            },
            {
              "name": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
            },
            {
              "name": "openSUSE-SU-2016:1922",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
            },
            {
              "name": "openSUSE-SU-2016:1761",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
            },
            {
              "name": "SUSE-SU-2016:2013",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
            },
            {
              "name": "91395",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/91395"
            },
            {
              "name": "RHSA-2016:2750",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
            },
            {
              "name": "RHSA-2016:2598",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-01-05T02:31Z",
      "publishedDate": "2016-08-07T10:59Z"
    }
  }
}

CERTFR-2017-AVI-237

Vulnerability from certfr_avis - Published: 2017-07-27 - Updated: 2017-07-27

De multiples vulnérabilités ont été corrigées dans Fortinet FortiOS et FortiAnalyzer. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Fortinet	FortiOS	FortiOS versions antérieures à 5.6.0
Fortinet	FortiOS	FortiOS versions antérieures à 5.4.5
Fortinet	FortiAnalyzer	FortiAnalyzer versions antérieures à 5.4.3

References

Title

Publication Time

CNVD-2016-04373

Vulnerability from cnvd - Published: 2016-06-30

Title

PHP 'gdImagePaletteToTrueColor()'函数整数溢出漏洞

Description

PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。 PHP的‘gdImagePaletteToTrueColor()’函数中存在整数溢出漏洞，攻击者可利用该漏洞造成堆缓冲区溢出。

Severity

中

Patch Name

PHP ‘gdImagePaletteToTrueColor()’函数整数溢出漏洞的补丁

Patch Description

PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。 PHP的‘gdImagePaletteToTrueColor()’函数中存在整数溢出漏洞，攻击者可利用该漏洞造成堆缓冲区溢出。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://bugs.php.net/bug.php?id=72446

Reference

https://bugs.php.net/bug.php?id=72446

Impacted products

Name
PHP PHP 5.5.36

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-5767"
    }
  },
  "description": "PHP\uff08PHP\uff1aHypertext Preprocessor\uff0cPHP\uff1a\u8d85\u6587\u672c\u9884\u5904\u7406\u5668\uff09\u662fPHP Group\u548c\u5f00\u653e\u6e90\u4ee3\u7801\u793e\u533a\u5171\u540c\u7ef4\u62a4\u7684\u4e00\u79cd\u5f00\u6e90\u7684\u901a\u7528\u8ba1\u7b97\u673a\u811a\u672c\u8bed\u8a00\u3002\r\n\r\nPHP\u7684\u0026lsquo;gdImagePaletteToTrueColor()\u0026rsquo;\u51fd\u6570\u4e2d\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u3002",
  "discovererName": "gogil at stealien dot com",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bugs.php.net/bug.php?id=72446",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04373",
  "openTime": "2016-06-30",
  "patchDescription": "PHP\uff08PHP\uff1aHypertext Preprocessor\uff0cPHP\uff1a\u8d85\u6587\u672c\u9884\u5904\u7406\u5668\uff09\u662fPHP Group\u548c\u5f00\u653e\u6e90\u4ee3\u7801\u793e\u533a\u5171\u540c\u7ef4\u62a4\u7684\u4e00\u79cd\u5f00\u6e90\u7684\u901a\u7528\u8ba1\u7b97\u673a\u811a\u672c\u8bed\u8a00\u3002\r\n\r\nPHP\u7684\u0026lsquo;gdImagePaletteToTrueColor()\u0026rsquo;\u51fd\u6570\u4e2d\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "PHP \u2018gdImagePaletteToTrueColor()\u2019\u51fd\u6570\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "PHP PHP 5.5.36"
  },
  "referenceLink": "https://bugs.php.net/bug.php?id=72446",
  "serverity": "\u4e2d",
  "submitTime": "2016-06-28",
  "title": "PHP \u0027gdImagePaletteToTrueColor()\u0027\u51fd\u6570\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e"
}

GHSA-8H88-M6M2-5756

Vulnerability from github – Published: 2022-05-14 03:56 – Updated: 2022-05-14 03:56

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-5767"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-07T10:59:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.",
  "id": "GHSA-8h88-m6m2-5756",
  "modified": "2022-05-14T03:56:22Z",
  "published": "2022-05-14T03:56:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5767"
    },
    {
      "type": "WEB",
      "url": "https://bugs.php.net/bug.php?id=72446"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
    },
    {
      "type": "WEB",
      "url": "http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "type": "WEB",
      "url": "http://php.net/ChangeLog-7.php"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91395"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-5767 (GCVE-0-2016-5767)

FKIE_CVE-2016-5767

GSD-2016-5767

CERTFR-2017-AVI-237

Solution

CNVD-2016-04373

GHSA-8H88-M6M2-5756

Tags

Sightings

Nomenclature