7.5

CVE-2007-4033

Exploit
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter.  NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version5.2.3
T1libT1lib Version5.1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 18.66% 0.969
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://secunia.com/advisories/27439
Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_23_sr.html
http://bugs.gentoo.org/show_bug.cgi?id=193437
http://fedoranews.org/updates/FEDORA-2007-234.shtml
http://secunia.com/advisories/26241
Vendor Advisory
http://secunia.com/advisories/26901
Vendor Advisory
http://secunia.com/advisories/26981
Vendor Advisory
http://secunia.com/advisories/26992
Vendor Advisory
http://secunia.com/advisories/27239
Vendor Advisory
http://secunia.com/advisories/27297
http://secunia.com/advisories/27599
Vendor Advisory
http://secunia.com/advisories/27718
http://secunia.com/advisories/27743
Vendor Advisory
http://secunia.com/advisories/28345
http://security.gentoo.org/glsa/glsa-200710-12.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007
http://www.bugtraq.ir/adv/t1lib.txt
http://www.debian.org/security/2007/dsa-1390
http://www.mandriva.com/security/advisories?name=MDKSA-2007:189
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://www.redhat.com/support/errata/RHSA-2007-1027.html
http://www.redhat.com/support/errata/RHSA-2007-1030.html
http://www.redhat.com/support/errata/RHSA-2007-1031.html
http://www.securityfocus.com/archive/1/480239/100/100/threaded
http://www.securityfocus.com/archive/1/480244/100/100/threaded
http://www.securityfocus.com/archive/1/485823/100/0/threaded
http://www.securityfocus.com/archive/1/487984/100/0/threaded
http://www.securityfocus.com/bid/25079
Exploit
http://www.securitytracker.com/id?1018905
http://www.ubuntu.com/usn/usn-515-1
https://bugzilla.redhat.com/show_bug.cgi?id=303021
https://exchange.xforce.ibmcloud.com/vulnerabilities/35620
https://issues.rpath.com/browse/RPL-1972
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557
https://www.exploit-db.com/exploits/4227
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html