CVE-2013-7328

2014-02-18T06:55:16
ID CVE-2013-7328
Type cve
Reporter NVD
Modified 2014-03-08T00:12:30

Description

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.