Description
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Remediation
References
Related Vulnerabilities
WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)
WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)
WordPress Plugin Contact Form Multi by BestWebSoft Cross-Site Scripting (1.2.0)