Description
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Facebook Multiple Cross-Site Scripting Vulnerabilities (1.0.10)
WebLogic CVE-2020-14638 Vulnerability (CVE-2020-14638)
WordPress Plugin Super Simple Custom CSS Cross-Site Scripting (1.2)
MySQL CVE-2017-3450 Vulnerability (CVE-2017-3450)
WordPress Plugin YITH WooCommerce Best Sellers Security Bypass (1.1.11)