The vulnerability of PHP software allows a malicious attacker to compromise the integrity and accessibility of protected information.

The vulnerability exists in the GD context component of PHP, due to the presence of the sequence %00 in path names. Exploiting this vulnerability allows malicious actors to overwrite arbitrary files using specially crafted input data that triggers the functions imagegd, imagegd2, imagegif,...