CVE-2007-0455 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0455
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0455

Description: Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-473-1 TRUSTIX http://www.trustix.org/errata/2007/0007 SAID Secunia Advisory: SA24143 Secunia Advisory: SA24107 Secunia Advisory: SA24053 Secunia Advisory: SA24052 Secunia Advisory: SA24022 Secunia Advisory: SA23916 Secunia Advisory: SA24151 Secunia Advisory: SA24924 Secunia Advisory: SA24965 Secunia Advisory: SA24945 Secunia Advisory: SA25575 Secunia Advisory: SA29157 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0162.html http://www.redhat.com/support/errata/RHSA-2008-0146.html http://www.redhat.com/support/errata/RHSA-2007-0153.html http://rhn.redhat.com/errata/RHSA-2007-0155.html MLIST http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:038 http://www.mandriva.com/security/advisories?name=MDKSA-2007:109 http://www.mandriva.com/security/advisories?name=MDKSA-2007:036 http://www.mandriva.com/security/advisories?name=MDKSA-2007:035 FEDORA http://fedoranews.org/cms/node/2631 CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/466166/100/0/threaded BID 22289

Return to the previous page.