CVE-2013-7328

2014-02-18T11:55:00
ID CVE-2013-7328
Type cve
Reporter cve@mitre.org
Modified 2014-03-08T05:12:00

Description

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.