Description
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5)
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0788)
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Arbitrary File Upload (2.0)
WordPress Plugin Download Monitor Cross-Site Scripting (3.3.6.1)