Description
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2003-0192)
PHP Improper Input Validation Vulnerability (CVE-2014-3487)
WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection (2.55)
WordPress Plugin WP Gravity Forms Zendesk Cross-Site Scripting (1.0.7)
WordPress Plugin RestroPress-Online Food Ordering System Cross-Site Request Forgery (2.8.2)