Unrated severity · NVD Advisory · Published Sep 4, 2007 · Updated Jun 16, 2026
CVE-2007-3996
Description
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.
References (40)
- secunia.com/advisories/26642 (nvd; Patch, Vendor Advisory)
- secweb.se/en/advisories/php-imagecopyresized-integer-overflow/ (nvd; Patch)
- www.php.net/ChangeLog-5.php (nvd; Patch)
- bugs.gentoo.org/show_bug.cgi (nvd)
- lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html (nvd)
- rhn.redhat.com/errata/RHSA-2007-0889.html (nvd)
- secunia.com/advisories/26822 (nvd)
- secunia.com/advisories/26838 (nvd)
- secunia.com/advisories/26871 (nvd)
- secunia.com/advisories/26895 (nvd)
- secunia.com/advisories/26930 (nvd)
- secunia.com/advisories/26967 (nvd)
- secunia.com/advisories/27102 (nvd)
- secunia.com/advisories/27351 (nvd)
- secunia.com/advisories/27377 (nvd)
- secunia.com/advisories/27545 (nvd)
- secunia.com/advisories/28009 (nvd)
- secunia.com/advisories/28147 (nvd)
- secunia.com/advisories/28658 (nvd)
- secunia.com/advisories/31168 (nvd)
- security.gentoo.org/glsa/glsa-200712-13.xml (nvd)
- securityreason.com/securityalert/3103 (nvd)
- secweb.se/en/advisories/php-imagecreatetruecolor-integer-overflow/ (nvd)
- support.avaya.com/elmodocs2/security/ASA-2007-449.htm (nvd)
- www.debian.org/security/2008/dsa-1613 (nvd)
- www.gentoo.org/security/en/glsa/glsa-200710-02.xml (nvd)
- www.mandriva.com/security/advisories (nvd)
- www.php.net/releases/5_2_4.php (nvd)
- www.redhat.com/support/errata/RHSA-2007-0888.html (nvd)
- www.redhat.com/support/errata/RHSA-2007-0890.html (nvd)
- www.redhat.com/support/errata/RHSA-2007-0891.html (nvd)
- www.trustix.org/errata/2007/0026/ (nvd)
- www.ubuntu.com/usn/usn-557-1 (nvd)
- www.vupen.com/english/advisories/2007/3023 (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/36382 (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/36383 (nvd)
- issues.rpath.com/browse/RPL-1693 (nvd)
- issues.rpath.com/browse/RPL-1702 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11147 (nvd)
- www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html (nvd)