Unrated severityNVD Advisory· Published Feb 18, 2014· Updated Jun 17, 2026
CVE-2013-7226
CVE-2013-7226
Description
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
- (no CPE)range: >=5.5.0, <5.5.9
Patches
Vulnerability mechanics
References
11- www.php.net/ChangeLog-5.phpnvdVendor Advisory
- bugs.php.net/bug.phpnvdVendor Advisory
- git.php.netnvd
- secunia.com/advisories/56829nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/65533nvd
- www.securitytracker.com/id/1029767nvd
- www.ubuntu.com/usn/USN-2126-1nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/91099nvd
- github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01nvd
News mentions
0No linked articles in our index yet.