{"vulnerability": "CVE-2019-6977", "sightings": [{"uuid": "20c568b8-dd9a-42ba-a547-3f39c60455f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6977", "type": "published-proof-of-concept", "source": "https://t.me/antichat/3758", "content": "CVE-2019-6977-imagecolormatch\nhttps://github.com/cfreal/exploits/tree/master/CVE-2019-6977-imagecolormatch", "creation_timestamp": "2019-02-27T14:46:09.000000Z"}, {"uuid": "6ffd9507-b6c8-4820-808c-2e15c10b73b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6977", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/5169", "content": "CVE-2019-6977-imagecolormatch\nhttps://github.com/cfreal/exploits/tree/master/CVE-2019-6977-imagecolormatch", "creation_timestamp": "2019-02-27T15:40:46.000000Z"}, {"uuid": "a542a90e-95ac-45d5-9346-883671b0665e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6977", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/119", "content": "CVE-2019-6977 gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP (different versions), has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.\nimagecolormatch() OOB Heap Write exploit: https://github.com/cfreal/exploits/tree/master/CVE-2019-6977-imagecolormatch", "creation_timestamp": "2019-02-27T16:37:09.000000Z"}, {"uuid": "b0cf08dd-0289-440b-825b-22bdf5ce914f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6977", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/188", "content": "#exploit\n1. CVE-2019-1663:\nA pre-authentication code execution vulnerability in the RV110W/RV130W/RV215W router series\nhttps://www.pentestpartners.com/security-blog/cisco-rv130-its-2019-but-yet-strcpy\n\n2. CVE-2019-6977:\nPHP \"Sandbox\" escape\nhttps://hackerone.com/reports/478368", "creation_timestamp": "2022-12-07T16:08:09.000000Z"}]}