CVE-2007-4033
CVE-2007-4033
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/30401não verificadocve_referencewww.exploit-db.com/exploits/4227não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.gentoo.org/show_bug.cgi?id=193437http://fedoranews.org/updates/FEDORA-2007-234.shtmlhttps://bugzilla.redhat.com/show_bug.cgi?id=303021http://secunia.com/advisories/26241http://secunia.com/advisories/26901http://secunia.com/advisories/26981http://secunia.com/advisories/26992http://secunia.com/advisories/27239http://secunia.com/advisories/27297http://secunia.com/advisories/27439http://secunia.com/advisories/27599http://secunia.com/advisories/27718