Description

Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.

Remediation

References

CVE-2013-7226

Related Vulnerabilities

WordPress Plugin Audio 'showfile' Parameter Cross-Site Scripting (0.5.1)

WordPress Plugin Duplicator-WordPress Migration SQL Injection (0.5.14)

WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.2)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (9.0.1)

WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1)

Severity

Medium

Classification

CVE-2013-7226

Tags

Missing Update Known Vulnerabilities