CVE-2016-7568

Published: Sep 28, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.

Affected (4)

Products: Libgd: Libgd · Php: Php · Debian: Debian Linux

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libgd Libgd	Up to 2.2.3

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Php Php	From 5.6.0 to 5.6.26
Php Php	From 7.0.0 to 7.0.11

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Related CWEs

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (14)

http://www.debian.org/security/2016/dsa-3693

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/93184

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugs.php.net/bug.php?id=73003

Source: cve@mitre.org

Issue TrackingVendor Advisory

https://github.com/libgd/libgd/commit/40bec0f38f50e8510f5bb71a82f516d46facde03

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://github.com/libgd/libgd/issues/308

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://security.gentoo.org/glsa/201612-09

Source: cve@mitre.org

Third Party Advisory

http://www.debian.org/security/2016/dsa-3693

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/93184

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugs.php.net/bug.php?id=73003

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://github.com/libgd/libgd/commit/40bec0f38f50e8510f5bb71a82f516d46facde03

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://github.com/libgd/libgd/issues/308

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://security.gentoo.org/glsa/201612-09

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.