CVE-2007-4033

Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.

🔗 References (80)

• cve@mitrehttp://bugs.gentoo.org/show_bug.cgi?id=193437
• cve@mitrehttp://fedoranews.org/updates/FEDORA-2007-234.shtml
• cve@mitrehttp://secunia.com/advisories/26241
• cve@mitrehttp://secunia.com/advisories/26901
• cve@mitrehttp://secunia.com/advisories/26981
• cve@mitrehttp://secunia.com/advisories/26992
• cve@mitrehttp://secunia.com/advisories/27239
• cve@mitrehttp://secunia.com/advisories/27297
• cve@mitrehttp://secunia.com/advisories/27439
• cve@mitrehttp://secunia.com/advisories/27599
• cve@mitrehttp://secunia.com/advisories/27718
• cve@mitrehttp://secunia.com/advisories/27743
• cve@mitrehttp://secunia.com/advisories/28345
• cve@mitrehttp://secunia.com/advisories/30168
• cve@mitrehttp://security.gentoo.org/glsa/glsa-200710-12.xml