CVE-2013-7327

Priority
Medium
Description
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not
check return values, which allows remote attackers to cause a denial of
service (application crash) or possibly have unspecified other impact via
invalid imagecrop arguments that lead to use of a NULL pointer as a return
value, a different vulnerability than CVE-2013-7226.
References
Bugs
Notes
mdeslaur> imagecrop was introduced in 5.5.0
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.5.9+dfsg-1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (5.3.2-1ubuntu4.22)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (5.3.10-1ubuntu3.9)
Ubuntu 12.10 (Quantal Quetzal):not-affected (5.4.6-1ubuntu1.5)
Ubuntu 13.10 (Saucy Salamander):released (5.5.3+dfsg-1ubuntu2.2)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (5.5.9+dfsg-1ubuntu1)
Patches:
Upstream:https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01
Upstream:https://github.com/php/php-src/commit/143bb29c1ac3f959f44b8fe59adef4d1840bc393 (regression)
Upstream:https://github.com/php/php-src/commit/8f4a5373bb71590352fd934028d6dde5bc18530b
Upstream:https://github.com/php/php-src/commit/464c219ed4ebce6b9196cae308967ac7f7f58bde (small fix)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-03-03 19:14:33 UTC (commit 7792)