Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



PHP multiple DoS conditions
updated since 06.09.2007
Published:08.09.2007
Source:BUGTRAQ
SecurityVulns ID:8120
Type:library
Level:6/10
Description:Crash on oversized strings in fnmatch(), iconv_substr(), glob() and setlocale() functions.
Affected:PHP : PHP 5.2
CVE:CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.)
 CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.)
 CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.)
 CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.)
 CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.)
 CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.)
 CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.)
Original documentdocumentlaurent.gaffie_(at)_gmail.com, PHP <= 5.2.4 multiple Iconv functions denial of service (08.09.2007)
 documentlaurent.gaffie_(at)_gmail.com, PHP <=5.2.4 iconv_substr() denial of service (06.09.2007)
 documentlaurent.gaffie_(at)_gmail.com, PHP < 5.2.3 fnmatch() denial of service (06.09.2007)
 documentlaurent.gaffie_(at)_gmail.com, PHP < 5.2.4 setlocale() denial of service (06.09.2007)
 documentlaurent.gaffie_(at)_gmail.com, PHP < 5.2.3 glob() denial of service (06.09.2007)
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru