---

CVE-2016-8670 - log back

CVE-2016-8670 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf() was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy(). An attacker could create a crafted image that would lead to a crash or, potentially, code execution.
References	+ https://bugs.php.net/bug.php?id=73280 + http://www.openwall.com/lists/oss-security/2016/10/15/6
Notes