CVE-2007-4033: Buffer Overflow
Buffer overflow in the intT1EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in phpgd2.dll in the gd (PHPGD2) extension in PHP 5.2.3.
Frequently Asked Questions
What is the severity of CVE-2007-4033?
The severity of CVE-2007-4033 follows from its impact: it allows context-dependent attackers to execute arbitrary code.
How do I fix CVE-2007-4033?
To fix CVE-2007-4033, upgrade the affected software to a patched version, preferably a t1lib release later than 5.1.1.
Which software is affected by CVE-2007-4033?
CVE-2007-4033 affects t1lib version 5.1.1 and PHP version 5.2.3.
What type of vulnerability is CVE-2007-4033?
CVE-2007-4033 is classified as a buffer overflow vulnerability.
How can CVE-2007-4033 be exploited?
CVE-2007-4033 can be exploited through a specially crafted long FileName parameter.