Computer Security
[EN] securityvulns.ru no-pyccku


PHP gd extension readwbmp() function integer overflow
Published:08.04.2007
Source:
SecurityVulns ID:7545
Type:library
Threat Level:
5/10
Description:Buffer overflow on WBMP image parsing.
Affected:PHP : PHP 5.2
CVE:CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.)
Original documentdocumentifsecure_(at)_gmail.com, PHP <= 5.2.1 wbmp file handling integer overflow (08.04.2007)
Files:Exploits PHP <= 5.2.1 wbmp file handling integer overflow

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod