← volver
CVE-2007-1001

CVE-2007-1001

EPSS 8.3%
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/29823no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markuphttp://docs.info.apple.com/article.html?artnum=306172http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.htmlhttp://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlhttp://rhn.redhat.com/errata/RHSA-2007-0155.htmlhttp://secunia.com/advisories/24814http://secunia.com/advisories/24909http://secunia.com/advisories/24924http://secunia.com/advisories/24945http://secunia.com/advisories/24965http://secunia.com/advisories/25056