MiracleLinux 7 : php-5.4.16-43.el7.1 (AXSA:2018-2623:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2623:01 advisory. php: Buffer over-read from uninitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890). Tenable has extracted the preceding description block directly...
Mageia: Security Advisory (MGASA-2018-0085)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1249)
The remote host is missing an update for the Huawei EulerOS...
CVE-2018-5711
gdgifin.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...
Information Disclosure
PHP is vulnerable to information disclosure. The vulnerability exists in gdImageCreateFromGifCtx in the GD Graphics Library used in PHP. An attacker could use a specially crafted GIF image and read up to 762 bytes from stack...
Fedora 26 : gd (2018-331af74020)
Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...
CentOS Update for php CESA-2018:0406 centos7
Check the version of php...
CentOS 7 : php (CESA-2018:0406)
An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
php security update
CentOS Errata and Security Advisory CESA-2018:0406. An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Scientific Linux Security Update : php on SL7.x x86_64 (20180306)
Security Fixes: - php: Buffer over-read from uninitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890)...
Updated php & libgd packages fix security vulnerabilities
Potential infinite loop in gdImageCreateFromGifCtx (php#75571). Reflected XSS in .phar 404 page (php#74782)...
PHP 5.6.x < 5.6.33 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.33. It is, therefore, affected by multiple vulnerabilities: - A potential infinite loop in gdImageCreateFromGifCtx (CVE-2018-5711). - A reflected XSS in .phar 404 page exists due to improper validati...
Debian DSA-3938-1 : libgd2 - security update
Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a...
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
An out of bounds read vulnerability exists in PHP. The vulnerability is due to improper handling of objects in memory within the gdImageCreateFromGifCtx function of gdgifin.c. A remote attacker could exploit this vulnerability by supplying a crafted image file to an application using the affected...