CVE-2007-1001

NONECVSS 0.0

0.0

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.

🔗 References (70)

secalert@redhathttp://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1
secalert@redhathttp://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markup
secalert@redhathttp://docs.info.apple.com/article.html?artnum=306172
secalert@redhathttp://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html
secalert@redhathttp://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2007-0155.html
secalert@redhathttp://secunia.com/advisories/24814
secalert@redhathttp://secunia.com/advisories/24909
secalert@redhathttp://secunia.com/advisories/24924
secalert@redhathttp://secunia.com/advisories/24945
secalert@redhathttp://secunia.com/advisories/24965
secalert@redhathttp://secunia.com/advisories/25056
secalert@redhathttp://secunia.com/advisories/25151
secalert@redhathttp://secunia.com/advisories/25445
secalert@redhathttp://secunia.com/advisories/26235

Is Your Infrastructure Affected by CVE-2007-1001?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1001

📅 Published

🔄 Last Modified

🔗 References (70)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1001?