Computer Security
[EN] securityvulns.ru no-pyccku


PHP ext/gd use after free() vulnerability
Published:22.03.2007
Source:
SecurityVulns ID:7451
Type:library
Threat Level:
6/10
Description:During exceptional conditions handling, some resourceses aree free()ed and later accessed.
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
CVE:CVE-2007-1582 (The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources.)
Original documentdocumentPHP-SECURITY, MOPB-27-2007:PHP ext/gd Already Freed Resource Access Vulnerability (22.03.2007)
Files:PHP gd already freed resource usage exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod