Stack-based buffer under-read vulnerability in gd_xbm.c in the GD Graphics Library (libgd) before 2.2.0 allows information disclosure or denial of service via a long name.

Stack-based buffer under-read vulnerability in gd_xbm.c in the GD Graphics Library (libgd) before 2.2.0 allows information disclosure or denial of service via a long name.

CVE-2016-5116 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.

Learn more about our Web Application Penetration Testing UK.