Signature Detail

HTTP: PHP gdImageCreateFromGifCtx Out of Bounds Read

An out of bounds read vulnerability has been reported in PHP. A remote attacker could exploit this vulnerability by supplying a crafted image file to an application using the affected function. Successful exploitation of this vulnerability could lead to information disclosure.

Extended Description

The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.

Affected Products

• Php php 5.6.30
• Php php 7.0.0
• Php php 7.0.1
• Php php 7.0.10
• Php php 7.0.11
• Php php 7.0.12
• Php php 7.0.13
• Php php 7.0.14
• Php php 7.0.15
• Php php 7.0.16
• Php php 7.0.17
• Php php 7.0.18
• Php php 7.0.19
• Php php 7.0.2
• Php php 7.0.20
• Php php 7.0.3
• Php php 7.0.4
• Php php 7.0.5
• Php php 7.0.6
• Php php 7.0.7
• Php php 7.0.8
• Php php 7.0.9
• Php php 7.1.0
• Php php 7.1.1
• Php php 7.1.2
• Php php 7.1.3
• Php php 7.1.4
• Php php 7.1.5
• Php php 7.1.6

References

• CVE: CVE-2017-7890