Bugzilla – Bug 863969
VUL-0: CVE-2013-7226: php5: Heap Overflow Vulnerability in imagecrop()
Last modified: 2019-06-17 22:47:16 UTC
A heap overflow vulnerability was found inside the PHP imagecrop() function. This could cause the execution of arbitrary code. This has been corrected in PHP 5.5.9. Upstream Fix: http://git.php.net/?p=php-src.git;a=commitdiff;h=8f4a5373bb71590352fd934028d6dde5bc18530b CVE-2013-7226 was assigned to this issue. References: https://bugs.php.net/bug.php?id=66356 http://www.php.net/ChangeLog-5.php#5.5.9 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7226 https://bugzilla.redhat.com/show_bug.cgi?id=1065108
bugbot adjusting priority
Reading the bug report, "All versions of PHP containing the imagecrop() function are vulnerable, i.e. PHP 5.5.0 and newer." Factory has fixed 5.5.9, so sle12 remains.
Verified: 5.5.8 segfaults on i586 for all 4 POCs listed in bug, 5.5.9 no.
There's really not imagecrop() function in 5.4, 5.3 and 5.2, so POCs are void there.
I'd do an version update.
Done, thanks.
The SWAMPID for this issue is 56329. This issue was rated as important. Please submit fixed packages until 2014-02-27. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Affected packages: SLE-11-SP3: php53, php5 SLE-11-SP2: php53, php5 SLE-11-SP1: php5 SLE-10-SP3: php5 SLE-10-SP3-TERADATA: php5
The SWAMPID for this issue is 56343. This issue was rated as important. Please submit fixed packages until 2014-02-27. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
no imagecrop in sle11 php53.
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-04-13. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/61384