exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2007-0455

Status Candidate

Overview

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.

Related Files

Slackware Security Advisory - libwmf Updates
Posted May 3, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libwmf packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2004-0941, CVE-2006-3376, CVE-2007-0455, CVE-2007-2756, CVE-2007-3472, CVE-2007-3473, CVE-2007-3477, CVE-2009-3546, CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696, CVE-2016-10167, CVE-2016-10168, CVE-2016-9011, CVE-2016-9317, CVE-2017-6362
SHA-256 | e36e4f72eb165ba8766f63e12181c95dca942d5b1f2756db4eedb949f09b3bc5
Debian Linux Security Advisory 1936-1
Posted Nov 18, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1936-1 - Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2007-0455, CVE-2009-3546
SHA-256 | 66708303038192047a61eddb05e535eccc4f5020eceeb60349b6a70ac5c0494e
Ubuntu Security Notice 473-1
Posted Jun 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 473-1 - A buffer overflow was discovered in libgd2's font renderer. By tricking an application using libgd2 into rendering a specially crafted string with a JIS encoded font, a remote attacker could read heap memory or crash the application, leading to a denial of service. Xavier Roche discovered that libgd2 did not correctly validate PNG callback results. If an application were tricked into processing a specially crafted PNG image, it would monopolize CPU resources. Since libgd2 is often used in PHP and Perl web applications, this could lead to a remote denial of service.

tags | advisory, remote, web, denial of service, overflow, perl, php
systems | linux, ubuntu
advisories | CVE-2007-0455, CVE-2007-2756
SHA-256 | 6abb073db2f4b279f8cc285aabdf42ffb187a69c115712540efffbb55e365bf1
Mandriva Linux Security Advisory 2007.109
Posted May 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Tetex 3.x uses an embedded copy of the gd source and may also be affected by this issue. A buffer overflow in the open_sty function for makeindex in Tetex could allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0455, CVE-2007-0650
SHA-256 | 09ea777e2263077052ec7d39b6ca87039f3fa15d2bd7cc692d25712c6cdfb3c5
Mandriva Linux Security Advisory 2007.038
Posted Feb 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path. Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. PHP uses an embedded copy of GD and may be susceptible to the same issue.

tags | advisory, remote, denial of service, overflow, arbitrary, local, php
systems | linux, mandriva
advisories | CVE-2006-6383, CVE-2007-0455
SHA-256 | 20bd43ac9ea3ba7f56ad433b0486fe65759e84d86c4a41734fbc2d70733c5101
Mandriva Linux Security Advisory 2007.036
Posted Feb 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Libwmf uses an embedded copy of the gd source and may also be affected by this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0455
SHA-256 | 3ccb8f4b2f9c4ee4a6b8b26adeb9496f9c74bfdda291175576d8232aa18da431
Mandriva Linux Security Advisory 2007.035
Posted Feb 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0455
SHA-256 | d620117ee726daa326b908438ceae7d147c52d5b3b6522e956f50670d7e53b3b
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close