Vulnerability Description
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 5.2.3 |
| T1Lib | T1Lib | 5.1.1 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=193437
- http://fedoranews.org/updates/FEDORA-2007-234.shtml
- http://secunia.com/advisories/26241Vendor Advisory
- http://secunia.com/advisories/26901Vendor Advisory
- http://secunia.com/advisories/26981Vendor Advisory
- http://secunia.com/advisories/26992Vendor Advisory
- http://secunia.com/advisories/27239Vendor Advisory
- http://secunia.com/advisories/27297
- http://secunia.com/advisories/27439Vendor Advisory
- http://secunia.com/advisories/27599Vendor Advisory
- http://secunia.com/advisories/27718
- http://secunia.com/advisories/27743Vendor Advisory
- http://secunia.com/advisories/28345
- http://secunia.com/advisories/30168
- http://security.gentoo.org/glsa/glsa-200710-12.xml
FAQ
What is CVE-2007-4033?
CVE-2007-4033 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this iss...
How severe is CVE-2007-4033?
CVE-2007-4033 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4033?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php, T1Lib T1Lib.