Description
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
Remediation
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0866)
WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)
WordPress Plugin IzeeChat-Live Chat Cross-Site Scripting (1.0)
WordPress Plugin eBay Feeds for WordPress Cross-Site Scripting (1.0)
WordPress Plugin Register IPs Unspecified Vulnerability (1.8.0)