{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-12-08T00:00:00", "descriptions": [{"lang": "en", "value": "Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-03T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20161212 CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/12/12/2"}, {"name": "openSUSE-SU-2016:3228", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html"}, {"name": "openSUSE-SU-2017:0081", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/ChangeLog-7.php"}, {"name": "openSUSE-SU-2017:0006", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1"}, {"name": "DSA-3751", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3751"}, {"name": "94865", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94865"}, {"name": "RHSA-2018:1296", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/ChangeLog-5.php"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.php.net/bug.php?id=72696"}, {"name": "openSUSE-SU-2017:0061", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html"}, {"name": "openSUSE-SU-2016:3239", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/issues/215"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9933", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20161212 CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/12/12/2"}, {"name": "openSUSE-SU-2016:3228", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html"}, {"name": "openSUSE-SU-2017:0081", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html"}, {"name": "http://www.php.net/ChangeLog-7.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-7.php"}, {"name": "openSUSE-SU-2017:0006", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00002.html"}, {"name": "https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1", "refsource": "CONFIRM", "url": "https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1"}, {"name": "DSA-3751", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3751"}, {"name": "94865", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94865"}, {"name": "RHSA-2018:1296", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"name": "http://www.php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-5.php"}, {"name": "https://bugs.php.net/bug.php?id=72696", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=72696"}, {"name": "openSUSE-SU-2017:0061", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html"}, {"name": "openSUSE-SU-2016:3239", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html"}, {"name": "https://github.com/libgd/libgd/issues/215", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/issues/215"}, {"name": "https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e", "refsource": "CONFIRM", "url": "https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-9933", "datePublished": "2017-01-04T20:00:00", "dateReserved": "2016-12-12T00:00:00", "dateUpdated": "2018-05-03T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libgd:libgd:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5AB26BF9-D145-4F4C-A71F-F9C886AFB272", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEBFD36E-4559-474C-ADEE-3686F156180C", "versionEndIncluding": "5.6.27", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69", "vulnerable": false}, {"criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value."}, {"lang": "es", "value": "Vulnerabilidad de consumo de pila en la funci\u00f3n gdImageFillToBorder en gd.c en la GD Graphics Library (tambi\u00e9n conocida como libgd) en versiones anteriores a 2.2.2, como se utiliza en PHP en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (violaci\u00f3n de segmentaci\u00f3n) a trav\u00e9s de una llamada imagefilltoborder manipulada que desencadena el uso de un valor de color negativo."}], "id": "CVE-2016-9933", "lastModified": "2018-05-04T01:29:01.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-04T20:59:00.480", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3751"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/12/12/2"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.php.net/ChangeLog-5.php"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.php.net/ChangeLog-7.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/94865"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=72696"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/libgd/libgd/issues/215"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}