The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
[
{
"source": "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae",
"id": "CVE-2016-7127-b20a7f9e",
"digest": {
"threshold": 0.9,
"line_hashes": [
"13061000410432496893915167939260265663",
"16449094754789311592583499708074726003",
"249040513906500853715332747983958150376"
]
},
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "ext/gd/gd.c"
},
"signature_type": "Line"
},
{
"source": "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae",
"id": "CVE-2016-7127-c5e74e49",
"digest": {
"function_hash": "182819258980180063651267922896273285635",
"length": 1319.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "PHP_FUNCTION",
"file": "ext/gd/gd.c"
},
"signature_type": "Function"
}
]