Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

imagegif/output out-of-bounds access

I
Internet Bug Bounty
Submitted None
Actions:
View on HackerOne
Reported by fms

Vulnerability Details

Technical details and impact analysis

Memory Corruption - Generic
Bug https://bugs.php.net/bug.php?id=72519 Summary output function from gd_gif_out.c causes out-of-bounds access of the masks array when ctx->cur_bits becomes a negative number while generating a gif file. Reported to PHP 2016-06-30 04:10 UTC Patch 2016-07-19 07:47 UTC http://git.php.net/?p=php-src.git;a=commit;h=8dc5ffa479f886fae235d4ff6391e14546a3fda9 Fixed for PHP 5.5 (security only mode), PHP 5.6, PHP 7.0 http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Bounty

$500.00

Submitted

Weakness

Memory Corruption - Generic