CVE-2015-8874
Published 2016-05-16
CVE-2015-8874: Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Priority P3 · 39 · high · 7.5 CVSS 3.0
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 8.28% (94.2th percentile)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libgd2 | < libgd2 2.2.1-1 (bookworm) | libgd2 2.2.1-1 (bookworm) |
| opensuse | leap | — | — |
| php | php | <= 5.6.11 | — |
CVSS provenance
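| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | | 7.5 | HIGH | |
| vendor_debian | | 7.5 | HIGH | |
| vendor_redhat | | 7.5 | HIGH | |
| vendor_ubuntu | | 4.3 | MEDIUM | |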
GHSA
GHSA-q9v4-889r-h8qj: Stack consumption vulnerability in GD in PHP before 5
ghsa_unreviewed·2022-05-14
CVE-2015-8874 [HIGH] CWE-119 GHSA-q9v4-889r-h8qj: Stack consumption vulnerability in GD in PHP before 5
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
OSV
libgd2 vulnerabilities
osv·2016-05-31·CVSS 4.3
CVE-2014-2497 [MEDIUM] libgd2 vulnerabilities
It was discovered that the GD library incorrectly handled certain color
tables in XPM images. If a user or automated system were tricked into
processing a specially crafted XPM image, an attacker could cause a denial
of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-2497)
It was discovered that the GD library incorrectly handled certain malformed
GIF images. If a user or automated system were tricked into processing a
specially crafted GIF image, an attacker could cause a denial of service.
This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-9709)
It was discovered that the GD library incorrectly handled memory when using
gdImageFillToBorder(). A remote attacker could possibly use this issue to
cause a deni
OSV
CVE-2015-8874: Stack consumption vulnerability in GD in PHP before 5
osv·2016-05-16·CVSS 7.5
CVE-2015-8874 [HIGH] CVE-2015-8874: Stack consumption vulnerability in GD in PHP before 5
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Ubuntu
GD library vulnerabilities
vendor_ubuntu·2016-05-31·CVSS 4.3
CVE-2014-2497 [MEDIUM] GD library vulnerabilities
Title: GD library vulnerabilities
Summary: The GD library could be made to crash or run programs if it processed a
specially crafted image file.
It was discovered that the GD library incorrectly handled certain color
tables in XPM images. If a user or automated system were tricked into
processing a specially crafted XPM image, an attacker could cause a denial
of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-2497)
It was discovered that the GD library incorrectly handled certain malformed
GIF images. If a user or automated system were tricked into processing a
specially crafted GIF image, an attacker could cause a denial of service.
This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-9709)
It was discovered that the GD library i
Red Hat
gd: gdImageFillToBorder deep recursion leading to stack overflow
vendor_redhat·2015-06-02·CVSS 7.5
CVE-2015-8874 [HIGH] CWE-674 gd: gdImageFillToBorder deep recursion leading to stack overflow
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Package: gd (Red Hat Enterprise Linux 5) - Will not fix
Package: php (Red Hat Enterprise Linux 5) - Will not fix
Package: php53 (Red Hat Enterprise Linux 5) - Will not fix
Package: gd (Red Hat Enterprise Linux 6) - Will not fix
Package: php (Red Hat Enterprise Linux 6) - Will not fix
Package: gd (Red Hat Enterprise Linux 7) - Will not fix
Package: php (Red Hat Enterprise Linux 7) - Will not fix
Package: php54-php (Red Hat Software Collections) - Will not fix
Package: php55-php (Red Hat Software Collections) - Will not fix
Debian
CVE-2015-8874: libgd2 - Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attacke...
vendor_debian·2015·CVSS 7.5
CVE-2015-8874 [HIGH] CVE-2015-8874: libgd2 - Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attacke...
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Scope: local
bookworm: resolved (fixed in 2.2.1-1)
bullseye: resolved (fixed in 2.2.1-1)
forky: resolved (fixed in 2.2.1-1)
sid: resolved (fixed in 2.2.1-1)
trixie: resolved (fixed in 2.2.1-1)
No detection rules found.
No public exploits indexed.
HackerOne
CVE-2015-8874 Stack overflow with imagefilltoborder
hackerone·2019-10-13·CVSS 7.5
CVE-2015-8874 [HIGH] CVE-2015-8874 Stack overflow with imagefilltoborder
Reported in 2014
https://bugs.php.net/bug.php?id=66387
A variation was rediscovered this year and reported to PHP and LIBGD:
https://bugs.php.net/bug.php?id=72350
https://github.com/libgd/libgd/issues/215
Patches for both issues:
http://git.php.net/?p=php-src.git;a=commit;h=f96ebb098697908641c6d37e1149cde1f90417fd
https://github.com/php/php-src/commit/6d3fa654b702c8762aa80ab795080f5c4464d677
Fixed in PHP 5.5.37 (security only mode)
http://php.net/ChangeLog-5.php#5.5.37
Fixed in PHP 5.6.23
http://php.net/ChangeLog-5.php#5.6.23
Fixed in PHP 7.0.8
http://php.net/ChangeLog-7.php#7.0.8
Bugzilla
CVE-2015-8874 gd: gdImageFillToBorder deep recursion leading to stack overflow
bugzilla·2016-05-17·CVSS 7.5
CVE-2015-8874 [HIGH] CVE-2015-8874 gd: gdImageFillToBorder deep recursion leading to stack overflow
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
Upstream bug:
https://bugs.php.net/bug.php?id=66387
Discussion:
Upstream fix:
http://git.php.net/?p=php-src.git;a=commit;h=e7f2356665c2569191a946b6fc35b437f0ae1384
---
This is not a PHP flaw, but rather a gd/libgd flaw. PHP embeds the gd library as part of its gd extension. The upstream gd bug report is still unresolved. Apparently, the issue is not yet resolved in any released gd version.
https://github.com/libgd/libgd/issues/178
Additionally, in gd itself, both large positive and large negative coordinates can trigger deep recursion leading to stack overflow and
http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2016-2750.html
http://www.debian.org/security/2016/dsa-3587
http://www.ubuntu.com/usn/USN-2987-1
https://bugs.php.net/bug.php?id=66387
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
Published: 2016-05-16