CVE-2016-9933: Buffer Overflow
First published: Thu Nov 10 2016(Updated: )
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/php | <5.6.28 | 5.6.28 |
| redhat/php | <7.0.13 | 7.0.13 |
| redhat/php | <7.1.0 | 7.1.0 |
| redhat/gd | <2.2.2 | 2.2.2 |
| PHP | <7.0.13 | 7.0.13 |
| libgd | =2.2.1 | |
| PHP | <=5.6.27 | |
| PHP | =7.0.0 | |
| PHP | =7.0.1 | |
| PHP | =7.0.2 | |
| PHP | =7.0.3 | |
| PHP | =7.0.4 | |
| PHP | =7.0.5 | |
| PHP | =7.0.6 | |
| PHP | =7.0.7 | |
| PHP | =7.0.8 | |
| PHP | =7.0.9 | |
| PHP | =7.0.10 | |
| PHP | =7.0.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html
- http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00002.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html
- http://www.debian.org/security/2017/dsa-3751
- http://www.openwall.com/lists/oss-security/2016/12/12/2
- http://www.php.net/ChangeLog-5.php
- http://www.php.net/ChangeLog-7.php
- http://www.securityfocus.com/bid/94865
- https://access.redhat.com/errata/RHSA-2018:1296
- https://bugs.php.net/bug.php?id=72696
- https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e
- https://github.com/libgd/libgd/issues/215
- https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
- https://www.php.net/ChangeLog-7.php#7.0.13 (Advisory)
- http://seclists.org/oss-sec/2016/q4/658
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1404737
- https://access.redhat.com/security/updates/classification/
- https://bugzilla.redhat.com/show_bug.cgi?id=1404723
Frequently Asked Questions
What is the severity of CVE-2016-9933?
CVE-2016-9933 has a severity level that could lead to denial of service due to stack consumption.
How do I fix CVE-2016-9933?
To fix CVE-2016-9933, upgrade to PHP version 5.6.28 or 7.0.13, or GD version 2.2.2 or later.
What software is affected by CVE-2016-9933?
CVE-2016-9933 affects PHP versions prior to 5.6.28 and 7.0.13, as well as GD versions prior to 2.2.2.
Can CVE-2016-9933 be exploited remotely?
Yes, CVE-2016-9933 can be exploited remotely through crafted imagefilltoborder calls.
What type of vulnerability is CVE-2016-9933?
CVE-2016-9933 is classified as a stack consumption vulnerability.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-9933
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- collector/php-changelog
- source/PHP
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- package-manager/redhat
- vendor/php
- canonical/php
- vendor/libgd
- canonical/libgd
- version/libgd/2.2.1
- version/php/5.6.27
- version/php/7.0.0
- version/php/7.0.1
- version/php/7.0.2
- version/php/7.0.3
- version/php/7.0.4
- version/php/7.0.5
- version/php/7.0.6
- version/php/7.0.7
- version/php/7.0.8
- version/php/7.0.9
- version/php/7.0.10
- version/php/7.0.11