VDB
DEBIAN-CVE-2016-5767
DEBIAN-CVE-2016-5767
PUBLISHED
CVSS 8.800000190734863 HIGH
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
Risk Scores
CVSS v3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | libgd2 | 0, 0, 0 |
| Debian:11 | libgd2 | 0, 0, 0 |
| Debian:12 | libgd2 | 0, 0, 0 |
| Debian:13 | libgd2 | 0, 0, 0 |
Timeline
- Aug 7, 2016 CVE Published
- Apr 28, 2026 CVE Updated