Description
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
Remediation
References
Related Vulnerabilities
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.20)
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)