CVE-2016-8670 log

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf() was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy(). An attacker could create a crafted image that would lead to a crash or, potentially, code execution.
Group Package Affected Fixed Severity Status Ticket
AVG-58 php 7.0.12-2 7.0.13-1 High Fixed
Date Advisory Group Package Severity Description
18 Nov 2016 ASA-201611-19 AVG-58 php High multiple issues
References
https://bugs.php.net/bug.php?id=73280
http://www.openwall.com/lists/oss-security/2016/10/15/6