Vulnerability Details : CVE-2016-8670
Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-8670
- cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8670
4.71%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-8670
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-8670
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-8670
-
http://www.openwall.com/lists/oss-security/2016/10/15/1
oss-security - CVE Request: libgd: Stack Buffer Overflow in GD dynamicGetbufThird Party Advisory
-
https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
Avoid potentially dangerous signed to unsigned conversion · libgd/libgd@5311087 · GitHubVendor Advisory
-
http://www.debian.org/security/2016/dsa-3693
Debian -- Security Information -- DSA-3693-1 libgd2
-
https://support.f5.com/csp/article/K21336065?utm_source=f5support&utm_medium=RSS
GD Graphics Library vulnerability CVE-2016-8670
-
http://www.securityfocus.com/bid/93594
PHP LibGD CVE-2016-8670 Stack Buffer Overflow Vulnerability
-
http://www.php.net/ChangeLog-7.php
PHP: PHP 7 ChangeLogRelease Notes;Vendor Advisory
-
https://bugs.php.net/bug.php?id=73280
PHP :: Bug #73280 :: Stack Buffer Overflow in GD dynamicGetbufVendor Advisory
-
http://www.php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLogRelease Notes;Vendor Advisory
Jump to