Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Numeric Errors Vulnerability - CVE-2014-2020 - Vulnerability Database
PHP

PHP Numeric Errors Vulnerability - CVE-2014-2020

Medium
Reference: CVE-2014-2020
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-2020
Title: PHP Numeric Errors Vulnerability
Overview:

ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type as demonstrated by an imagecrop function call with a string for the x dimension value a different vulnerability than CVE-2013-7226.