CVE-2013-7328
Publication date 18 February 2014
Last updated 24 July 2024
Ubuntu priority
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Status
Package | Ubuntu Release | Status |
---|---|---|
php5 | ||
Notes
Patch details
Package | Patch details |
---|---|
php5 |
References
Related Ubuntu Security Notices (USN)
- USN-2126-1
- PHP vulnerabilities
- 3 March 2014