Vulnerability Description
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 4.0 |
Related Weaknesses (CWE)
References
- http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.
- http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&v
- http://docs.info.apple.com/article.html?artnum=306172
- http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://rhn.redhat.com/errata/RHSA-2007-0155.htmlVendor Advisory
- http://secunia.com/advisories/24814Vendor Advisory
- http://secunia.com/advisories/24909Vendor Advisory
- http://secunia.com/advisories/24924Vendor Advisory
- http://secunia.com/advisories/24945Vendor Advisory
- http://secunia.com/advisories/24965Vendor Advisory
- http://secunia.com/advisories/25056Vendor Advisory
- http://secunia.com/advisories/25151Vendor Advisory
- http://secunia.com/advisories/25445Vendor Advisory
- http://secunia.com/advisories/26235Vendor Advisory
FAQ
What is CVE-2007-1001?
CVE-2007-1001 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to ...
How severe is CVE-2007-1001?
CVE-2007-1001 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1001?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php.