Your submission was sent successfully! Close

CVE-2014-9709

Published: 30 March 2015

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

Priority

Low

Status

Package Release Status
libgd2
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (2.0.36~rc1~dfsg-6ubuntu2.1)
trusty
Released (2.1.0-3ubuntu0.1)
upstream
Released (2.1.0-5)
utopic Ignored
(reached end-of-life)
vivid Not vulnerable
(2.1.0-5)
wily Not vulnerable
(2.1.0-5)
xenial Not vulnerable
(2.1.0-5)
php5
Launchpad, Ubuntu, Debian
lucid Not vulnerable

precise Not vulnerable

trusty Not vulnerable

upstream
Released (5.6.5+dfsg-1)
utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

xenial Does not exist