CVE-2008-3658
Published: 14 August 2008
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Priority
Status
Package | Release | Status |
---|---|---|
php4 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Does not exist
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Needs triage
|
|
php5 Launchpad, Ubuntu, Debian |
dapper |
Released
(5.1.2-1ubuntu3.13)
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Released
(5.2.3-1ubuntu6.5)
|
|
hardy |
Released
(5.2.4-2ubuntu5.5)
|
|
intrepid |
Released
(5.2.6-2ubuntu4.1)
|
|
jaunty |
Not vulnerable
(5.2.6.dfsg.1-3ubuntu2)
|
|
karmic |
Not vulnerable
(5.2.6.dfsg.1-3ubuntu2)
|
|
upstream |
Needs triage
|
|
Patches: vendor: http://www.debian.org/security/2008/dsa-1647 vendor: http://patch-tracking.debian.net/patch/series/view/php5/5.2.0-8+etch13/140-CVE-2008-3658.patch upstream: http://cvs.php.net/viewvc.cgi/php-src/ext/gd/gd.c?hideattic=1&r1=1.312.2.20.2.35&r2=1.312.2.20.2.36 upstream: http://cvs.php.net/viewvc.cgi/php-src/ext/gd/tests/imageloadfont_invalid.phpt?hideattic=1&r1=1.1.4.1&r2=1.1.4.2 (test) upstream: http://cvs.php.net/viewvc.cgi/php-src/ext/gd/tests/imageloadfont_invalid.phpt?hideattic=1&r1=1.1.4.2&r2=1.1.4.3 (test) |