Search for vulnerabilities
Vulnerability details: VCID-z22s-yz6c-aaad
Vulnerability ID VCID-z22s-yz6c-aaad
Aliases CVE-2007-3996
Summary Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-190 Integer Overflow or Wraparound
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0888
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0889
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0890
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0891
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0917
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.05414 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.05414 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.05414 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.05414 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06909 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.06959 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
epss 0.14327 https://api.first.org/data/v1/epss?cve=CVE-2007-3996
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=278031
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2007-3996
Reference id Reference type URL
http://bugs.gentoo.org/show_bug.cgi?id=201546
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
http://rhn.redhat.com/errata/RHSA-2007-0889.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3996.json
https://api.first.org/data/v1/epss?cve=CVE-2007-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3996
http://secunia.com/advisories/26642
http://secunia.com/advisories/26822
http://secunia.com/advisories/26838
http://secunia.com/advisories/26871
http://secunia.com/advisories/26895
http://secunia.com/advisories/26930
http://secunia.com/advisories/26967
http://secunia.com/advisories/27102
http://secunia.com/advisories/27351
http://secunia.com/advisories/27377
http://secunia.com/advisories/27545
http://secunia.com/advisories/28009
http://secunia.com/advisories/28147
http://secunia.com/advisories/28658
http://secunia.com/advisories/31168
http://security.gentoo.org/glsa/glsa-200712-13.xml
http://securityreason.com/securityalert/3103
http://secweb.se/en/advisories/php-imagecopyresized-integer-overflow/
http://secweb.se/en/advisories/php-imagecreatetruecolor-integer-overflow/
https://exchange.xforce.ibmcloud.com/vulnerabilities/36382
https://exchange.xforce.ibmcloud.com/vulnerabilities/36383
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11147
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
http://www.debian.org/security/2008/dsa-1613
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
http://www.php.net/ChangeLog-5.php#5.2.4
http://www.php.net/releases/5_2_4.php
http://www.redhat.com/support/errata/RHSA-2007-0888.html
http://www.redhat.com/support/errata/RHSA-2007-0890.html
http://www.redhat.com/support/errata/RHSA-2007-0891.html
http://www.trustix.org/errata/2007/0026/
http://www.ubuntu.com/usn/usn-557-1
http://www.vupen.com/english/advisories/2007/3023
278031 https://bugzilla.redhat.com/show_bug.cgi?id=278031
443456 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=443456
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
CVE-2007-3996 https://nvd.nist.gov/vuln/detail/CVE-2007-3996
GLSA-200710-02 https://security.gentoo.org/glsa/200710-02
RHSA-2007:0888 https://access.redhat.com/errata/RHSA-2007:0888
RHSA-2007:0889 https://access.redhat.com/errata/RHSA-2007:0889
RHSA-2007:0890 https://access.redhat.com/errata/RHSA-2007:0890
RHSA-2007:0891 https://access.redhat.com/errata/RHSA-2007:0891
RHSA-2007:0917 https://access.redhat.com/errata/RHSA-2007:0917
USN-557-1 https://usn.ubuntu.com/557-1/
USN-720-1 https://usn.ubuntu.com/720-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-3996
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.90883
EPSS Score 0.02786
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.