Description
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
Remediation
References
Related Vulnerabilities
WordPress Plugin Author Stats Cross-Site Scripting (1.3)
WordPress Plugin WP e-Commerce-Clockwork SMS Cross-Site Scripting (2.0.5)
WordPress Plugin Staff Directory-Employee Directory for WordPress Unspecified Vulnerability (3.6.1)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-26477)