Description
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Remediation
References
Related Vulnerabilities
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.22)
Lighttpd Other Vulnerability (CVE-2007-3950)
WordPress Cryptographic Issues Vulnerability (CVE-2009-3622)
WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-14574)