CVE-2008-3658
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.gentoo.org/show_bug.cgi?id=234102http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.htmlhttp://marc.info/?l=bugtraq&m=123376588623823&w=2http://marc.info/?l=bugtraq&m=125631037611762&w=2http://news.php.net/php.cvs/51219http://osvdb.org/47484http://secunia.com/advisories/31982http://secunia.com/advisories/32148http://secunia.com/advisories/32316http://secunia.com/advisories/32746