CVE-2007-0455

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
References
Link Resource
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607 Issue Tracking Third Party Advisory
http://secunia.com/advisories/23916 Not Applicable Vendor Advisory
http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html Broken Link
https://issues.rpath.com/browse/RPL-1030 Broken Link
http://fedoranews.org/cms/node/2631 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:035 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:036 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:038 Broken Link
http://www.trustix.org/errata/2007/0007 Broken Link
http://www.securityfocus.com/bid/22289 Third Party Advisory VDB Entry
http://secunia.com/advisories/24022 Not Applicable
http://secunia.com/advisories/24052 Not Applicable
http://secunia.com/advisories/24053 Not Applicable
http://secunia.com/advisories/24107 Not Applicable
http://secunia.com/advisories/24143 Not Applicable
http://secunia.com/advisories/24151 Not Applicable
http://rhn.redhat.com/errata/RHSA-2007-0155.html Third Party Advisory
http://secunia.com/advisories/24924 Not Applicable
https://issues.rpath.com/browse/RPL-1268 Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0153.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0162.html Third Party Advisory
http://secunia.com/advisories/24965 Not Applicable
http://secunia.com/advisories/24945 Not Applicable
http://www.mandriva.com/security/advisories?name=MDKSA-2007:109 Broken Link
http://www.ubuntu.com/usn/usn-473-1 Third Party Advisory
http://secunia.com/advisories/25575 Not Applicable
http://www.redhat.com/support/errata/RHSA-2008-0146.html Third Party Advisory
http://secunia.com/advisories/29157 Not Applicable
http://secunia.com/advisories/42813 Not Applicable
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html Mailing List Third Party Advisory
http://www.vupen.com/english/advisories/2011/0022 Permissions Required
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html Mailing List Third Party Advisory
http://www.vupen.com/english/advisories/2007/0400 Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303 Third Party Advisory
http://www.securityfocus.com/archive/1/466166/100/0/threaded Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:gd_graphics_library_project:gd_graphics_library:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*

Information

Published : 2007-01-30 09:28

Updated : 2022-07-21 08:17


NVD link : CVE-2007-0455

Mitre link : CVE-2007-0455


JSON object : View

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

dedicated server usa

Products Affected

redhat

  • enterprise_linux_desktop
  • enterprise_linux_workstation
  • enterprise_linux_server

gd_graphics_library_project

  • gd_graphics_library

fedoraproject

  • fedora

canonical

  • ubuntu_linux

php

  • php