fkie_cve-2013-7226
Vulnerability from fkie_nvd
Published
2014-02-18 11:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.
References
cve@mitre.orghttp://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b
cve@mitre.orghttp://secunia.com/advisories/56829
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2014:027
cve@mitre.orghttp://www.php.net/ChangeLog-5.phpVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/65533
cve@mitre.orghttp://www.securitytracker.com/id/1029767
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2126-1
cve@mitre.orghttps://bugs.php.net/bug.php?id=66356Vendor Advisory
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1065108
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/91099
cve@mitre.orghttps://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01
af854a3a-2127-422b-91ae-364da2661108http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/56829
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2014:027
af854a3a-2127-422b-91ae-364da2661108http://www.php.net/ChangeLog-5.phpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/65533
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029767
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2126-1
af854a3a-2127-422b-91ae-364da2661108https://bugs.php.net/bug.php?id=66356Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1065108
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/91099
af854a3a-2127-422b-91ae-364da2661108https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01
Impacted products
Vendor Product Version
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.1
php php 5.5.2
php php 5.5.3
php php 5.5.4
php php 5.5.5
php php 5.5.6
php php 5.5.7
php php 5.5.8


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en la funci\u00f3n gdImageCrop en ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada de la funci\u00f3n imagecrop con un valor de dimensi\u00f3n x grande, que conduce a un desbordamiento de buffer basado en memoria din\u00e1mica."
    }
  ],
  "id": "CVE-2013-7226",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-02-18T11:55:03.213",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/56829"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:027"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/65533"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029767"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2126-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=66356"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065108"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91099"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/56829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/65533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2126-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=66356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.