First published: Sun Jul 16 2006(Updated: )
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/gd | <0:2.0.28-5.4E.el4_6.1 | 0:2.0.28-5.4E.el4_6.1 |
redhat/gd | <0:2.0.33-9.4.el5_1.1 | 0:2.0.33-9.4.el5_1.1 |
redhat/php | <0:5.1.4-1.el4 | 0:5.1.4-1.el4 |
PHP PHP | =5.1.2 | |
PHP PHP | =5.1.1 | |
PHP PHP | =5.1.4 | |
PHP PHP | =5.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)