Mandriva Linux Security Advisory 2009-264 - Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. The updated packages have been patched to prevent this.
0c3e84909471c50a9b07d973c3ae6e1b17aca9fdb881fc457449deeb49d0b232Ubuntu Security Notice USN-720-1 - A significant amount of vulnerabilities in PHP 5 have been addressed. These range from security bypass to denial of service issues.
a31f39cf30e5eb073f9dc121d4e40f5b0fdbb62143587c9dc60669c009e7c708Debian Security Advisory 1613-1 - Multiple vulnerabilities have been identified in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following three issues:
1ec400aa47c3df11688f737aeb1905ab1846b62ee1039d4e1efa0f452cf223c9Ubuntu Security Notice 557-1 - Mattias Bengtsson and Philip Olausson discovered that the GD library did not properly perform bounds checking when creating images. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code.
ed13d4e056ae666b4f0da0b2ba5ce53640bb831f56b258edea93cdd51e515516Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() of the SQLite extension found by Stefan Esser that was addressed in PHP 5.2.1 was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.
0954c820cef174c83409c66ee739a3d9955c800b776a51d4b17c9452a9f19875Mandriva Linux Security Advisory - Numerous vulnerabilities were discovered in the PHP scripting language that are corrected with this update. Not just a couple, not a few, but many.
01d42bfc7015b848897634663e966d52f46f75ad839abd6b538db6357c46f4f2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed