VYPR
Unrated severityNVD Advisory· Published Sep 4, 2007· Updated Jun 16, 2026

CVE-2007-3996

CVE-2007-3996

Description

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
    Range: <=5.2.3
  • PHP/libgdllm-create
    Range: <5.2.4

Patches

Vulnerability mechanics

References

40

News mentions

0

No linked articles in our index yet.