Lucene search

K
cvelistMitreCVELIST:CVE-2016-5766
HistoryAug 07, 2016 - 10:00 a.m.

CVE-2016-5766

2016-08-0710:00:00
mitre
www.cve.org
10
integer overflow
gd graphics library
remote attackers
denial of service
unspecified impact
crafted image

AI Score

9.2

Confidence

High

EPSS

0.242

Percentile

96.6%

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.