Description
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ad Invalid Click Protector (AICP) Malicious Code (1.2.9)
WordPress CVE-2012-2399 Vulnerability (CVE-2012-2399)
Werkzeug WSGI Out-of-bounds Write Vulnerability (CVE-2023-46136)
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3470)
WordPress Plugin SendPress Newsletters Security Bypass (1.2.10.20)