CVE-2007-3996

by Fred · 04/09/2007

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

Date published : 2007-09-04

http://bugs.gentoo.org/show_bug.cgi?id=201546

http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm

CVE-2007-3996

Similar

Recent Posts

Categories

CVE-2007-3996

Share this:

Similar

Recent Posts

Categories

Tags