Description
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
Exploits (2)
nomisec
WORKING POC
2 stars
by huzhenghui · poc
https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711
nomisec
WORKING POC
1 stars
by huzhenghui · poc
https://github.com/huzhenghui/Test-7-2-1-PHP-CVE-2018-5711
References (11)
Scores
CVSS v3
5.5
EPSS
0.0784
EPSS Percentile
92.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-681
CWE-835
Status
published
Products (7)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
debian/debian_linux
7.0
debian/debian_linux
8.0
php/php
7.2.0
php/php
< 5.6.32
Published
Jan 16, 2018
Tracked Since
Feb 18, 2026