Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable8125.PRM
HistoryFeb 14, 2014 - 12:00 a.m.

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

2014-02-1400:00:00
Tenable
www.tenable.com
46

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.7%

JSON

Versions of PHP 5.5.x prior to 5.5.9 are exposed to the following issues related to the GD extension :

  • A heap-based buffer overflow error exists related to the functions ‘gdImageCrop’ and ‘imagecrop’ that could allow denial of service attacks and possibly arbitrary code execution. (CVE-2013-7226)

  • An error exists in the function ‘gdImageCrop’ related to return value checking that could lead to use of NULL pointers and denial of service attacks. (CVE-2013-7327)

  • Multiple integer signedness errors exist in the function ‘gdImageCrop’ that could allow denial of service attacks and information disclosure. (CVE-2013-7328)

  • A data type checking error exists that could allow information disclosure. (CVE-2014-2020)

Binary data 8125.prm
VendorProductVersionCPE
phpphpcpe:/a:php:php

Related

openvas 7
nessus 10
f5 4
ubuntu 1
securityvulns 4
cve 4
cvelist 4
ubuntucve 4
nvd 4
prion 4
amazon 1
seebug 3
hackerone 1
gentoo 1
rosalinux 1
openvas
openvas
PHP Multiple Vulnerabilities - 01 (May 2014)
2014-05-09 00:00:00
Ubuntu: Security Advisory (USN-2126-1)
2014-03-04 00:00:00
Ubuntu Update for php5 USN-2126-1
2014-03-04 00:00:00
nessus
nessus
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
2014-02-14 00:00:00
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : php5 vulnerabilities (USN-2126-1)
2014-03-04 00:00:00
Amazon Linux AMI : php55 (ALAS-2014-314)
2014-03-28 00:00:00
f5
f5
SOL15653 - Multiple PHP vulnerabilities
2014-10-02 00:00:00
K15653 : Multiple PHP vulnerabilities
2014-10-02 00:00:00
SOL15648 - PHP vulnerability CVE-2014-2020
2014-10-02 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2014-03-03 00:00:00
securityvulns
securityvulns
USN-2126-1] PHP vulnerabilities
2014-03-13 00:00:00
python-PGP code execution
2014-06-14 00:00:00
PHP multiple security vulnerabilities
2014-03-18 00:00:00
cve
cve
CVE-2013-7328
2014-02-18 11:55:16
CVE-2013-7327
2014-02-18 11:55:03
CVE-2014-2020
2014-02-18 11:55:17
cvelist
cvelist
CVE-2013-7328
2014-02-18 11:00:00
CVE-2013-7327
2014-02-18 11:00:00
CVE-2014-2020
2014-02-18 11:00:00
ubuntucve
ubuntucve
CVE-2013-7328
2014-02-18 00:00:00
CVE-2013-7327
2014-02-18 00:00:00
CVE-2014-2020
2014-02-18 00:00:00
nvd
nvd
CVE-2013-7328
2014-02-18 11:55:16
CVE-2013-7327
2014-02-18 11:55:03
CVE-2014-2020
2014-02-18 11:55:17
prion
prion
Null pointer dereference
2014-02-18 11:55:00
Integer overflow
2014-02-18 11:55:00
Design/Logic Flaw
2014-02-18 11:55:00
amazon
amazon
Important: php55
2014-03-24 23:37:00
seebug
seebug
PHP 'ext/gd/gd.c'信息泄漏漏洞
2014-02-20 00:00:00
PHP 'ext/gd/gd.c' gdImageCrop整数符号错误漏洞
2014-02-20 00:00:00
PHP 'ext/gd/gd.c' gdImageCrop空指针返回拒绝服务漏洞
2014-02-20 00:00:00
hackerone
hackerone
Internet Bug Bounty: PHP Heap Overflow Vulnerability in imagecrop()
2013-12-27 02:57:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.7%

JSON
Related for 8125.PRM
openvas7nessus10f54ubuntu1securityvulns4cve4cvelist4ubuntucve4nvd4prion4amazon1seebug3hackerone1gentoo1rosalinux1