CVE-2016-7127

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-7127
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7127.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-7127
Downstream
Related
Published
2016-09-12T01:59:05.707Z
Modified
2026-03-15T22:24:15.424002Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
38980c9ea4156ce52a53f9f3e1007ea3d787fa11
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
60fffd296abce5fc071f3c173c25a2696cf683c6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4054ec69da7631046f19d54ab06f09728a208b8b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
038c63cdea0472176ec2fdb162cfbd96e8c5f83e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4e1b8701573698f56e12672e4991d7e6239138d2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e09845d32614a19188632f410316478fbb440ebd
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
249a8fd9ae2324c84ede7ecfca6f6026e6d87df6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
734a5fca2c4731e34eca551f28be9a10ffc3f3c9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fb59213fc461f079bc218abf44cb5e2b4db2182c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a36407215f69ba2debf77933dcb3faa0c3ba2d04
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9d582eba7448f1495fae62b13d95d2844ce6b28a
Fixed
1bd103df00f49cf4d4ade2cfe3f456ac058a4eae
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.6.24"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.9"
        }
    ]
}

Affected versions

Other
NEWS
NEWS-cvs2svn
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_NATIVE_TLS_MERGE
POST_PHP7_EREG_MYSQL_REMOVALS
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_NATIVE_TLS_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
PRE_PHPNG_MERGE
php-5.*
php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.24RC1
php-5.6.18RC1
php-5.6.19RC1
php-5.6.22RC1
php-5.6.23RC1
php-5.6.24
php-5.6.24RC1
php-7.*
php-7.0.0
php-7.0.0RC1
php-7.0.0RC2
php-7.0.0RC3
php-7.0.0RC4
php-7.0.0RC5
php-7.0.0RC6
php-7.0.0RC7
php-7.0.0RC8
php-7.0.0alpha1
php-7.0.0alpha2
php-7.0.0beta1
php-7.0.0beta2
php-7.0.0beta3
php-7.0.1
php-7.0.1RC1
php-7.0.2
php-7.0.2RC1
php-7.0.3
php-7.0.3RC1
php-7.0.4
php-7.0.4RC1
php-7.0.5
php-7.0.5RC1
php-7.0.6
php-7.0.6RC1
php-7.0.7
php-7.0.7RC1
php-7.0.8
php-7.0.8RC1
php-7.0.9
php-7.0.9RC1

Database specific

vanir_signatures 
[
    {
        "target": {
            "file": "ext/gd/gd.c"
        },
        "id": "CVE-2016-7127-b20a7f9e",
        "digest": {
            "line_hashes": [
                "13061000410432496893915167939260265663",
                "16449094754789311592583499708074726003",
                "249040513906500853715332747983958150376"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "function": "PHP_FUNCTION",
            "file": "ext/gd/gd.c"
        },
        "id": "CVE-2016-7127-c5e74e49",
        "digest": {
            "function_hash": "182819258980180063651267922896273285635",
            "length": 1319.0
        },
        "source": "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7127.json"