← volver
CVE-2006-4484

CVE-2006-4484

EPSS 6.4%
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.aschttp://bugs.php.net/bug.php?id=38112http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.10&r2=1.11http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?view=loghttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.htmlhttp://rhn.redhat.com/errata/RHSA-2006-0688.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=431568http://secunia.com/advisories/21546http://secunia.com/advisories/21768http://secunia.com/advisories/21842http://secunia.com/advisories/22039