Potential DoS vulnerability regarding GD and GIF

Posted: Wed Jan 17, 2018 3:38 pm
by cmb
Hi everybody!

Recently I was pointed to an issue regarding server-side image manipulation of GIF images with GD. The PHP manual cautions:
"When reading GIF files into memory, only the first frame is returned in the image resource pointer. The size of the image is not necessarily what is reported by getimagesize()."
This is easily overlooked and can lead to DoS vulnerabilities if the image is postprocessed by certain GD functions (such as imagecopyresampled()).

I am not aware of any actively maintained CMSimple_XH plugin which manipulates GIF images which have been supplied by unauthenticated users, but Bookstore_XH 1.2 might be affected.
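
An added example, not part of the original post or of any CMSimple_XH plugin: a pre-decode check that reads the first frame's own dimensions from the GIF image descriptor, next to the logical screen size in the header, and rejects oversized frames before any GD function is called. The function names and the pixel budget are assumptions chosen for illustration.

```php
<?php
// Added example: names and limits below are hypothetical, not from the post.
const MAX_GIF_PIXELS = 4000000; // assumed budget for frame width * height

/** Returns ['screen' => [w, h], 'frame' => [w, h]] or null if malformed. */
function gif_dimensions(string $data): ?array
{
    $len = strlen($data);
    if ($len < 13 || !in_array(substr($data, 0, 6), ['GIF87a', 'GIF89a'], true)) {
        return null;
    }
    $lsd = unpack('vw/vh/Cflags', substr($data, 6, 5)); // logical screen descriptor
    $pos = 13;                                  // 6-byte signature + 7-byte descriptor
    if ($lsd['flags'] & 0x80) {                 // global colour table present
        $pos += 3 * (1 << (($lsd['flags'] & 0x07) + 1));
    }
    while ($pos < $len) {
        $block = ord($data[$pos++]);
        if ($block === 0x2C) {                  // image descriptor of the first frame
            if ($pos + 8 > $len) {
                return null;
            }
            $img = unpack('vx/vy/vw/vh', substr($data, $pos, 8));
            return ['screen' => [$lsd['w'], $lsd['h']], 'frame' => [$img['w'], $img['h']]];
        }
        if ($block !== 0x21) {                  // trailer or unknown block: no frame found
            return null;
        }
        $pos++;                                 // skip the extension label
        while ($pos < $len && ($size = ord($data[$pos++])) !== 0) {
            $pos += $size;                      // skip data sub-blocks up to the terminator
        }
    }
    return null;
}

/** True only if the first frame fits the pixel budget. */
function gif_is_safe_to_process(string $data): bool
{
    $dim = gif_dimensions($data);
    if ($dim === null) {
        return false;
    }
    [$w, $h] = $dim['frame'];
    return $w > 0 && $h > 0 && $w * $h <= MAX_GIF_PIXELS;
}

// Constructed sample header: 1x1 logical screen, first frame declared as 20000x20000.
$sample = "GIF89a" . pack('vvCCC', 1, 1, 0, 0, 0) . "\x2C" . pack('vvvvC', 0, 0, 20000, 20000, 0);
var_dump(gif_dimensions($sample), gif_is_safe_to_process($sample)); // frame 20000x20000, false
```

Call `gif_is_safe_to_process()` on the uploaded bytes before `imagecreatefromgif()`, and base any later size checks on `imagesx()`/`imagesy()` of the loaded resource.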