CVE-2007-0455

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.

🔗 References (70)

• secalert@redhathttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607
• secalert@redhathttp://fedoranews.org/cms/node/2631
• secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
• secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
• secalert@redhathttp://lists.rpath.com/pipermail/security-announce/2007-February/000145.html
• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2007-0155.html
• secalert@redhathttp://secunia.com/advisories/23916
• secalert@redhathttp://secunia.com/advisories/24022
• secalert@redhathttp://secunia.com/advisories/24052
• secalert@redhathttp://secunia.com/advisories/24053
• secalert@redhathttp://secunia.com/advisories/24107
• secalert@redhathttp://secunia.com/advisories/24143
• secalert@redhathttp://secunia.com/advisories/24151
• secalert@redhathttp://secunia.com/advisories/24924
• secalert@redhathttp://secunia.com/advisories/24945