CVE-2008-5498

EPSS 8.8%

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.

Produtos afetados

n/a · n/a

PoCs públicas encontradas — 1

exploitdbwww.exploit-db.com/exploits/7646não verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361&diff_format=u http://downloads.securityfocus.com/vulnerabilities/exploits/33002-2.php http://downloads.securityfocus.com/vulnerabilities/exploits/33002.php http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://osvdb.org/51031 http://secunia.com/advisories/34642 http://secunia.com/advisories/35306 http://secunia.com/advisories/35650 http://secunia.com/advisories/36701