Description
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Download Plugin Unspecified Vulnerability (1.6.1)
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2016-2177)
WordPress Plugin Automated Editor Cross-Site Scripting (1.3)
SharePoint CVE-2022-21840 Vulnerability (CVE-2022-21840)
Oracle Database Server CVE-2010-0852 Vulnerability (CVE-2010-0852)