Description
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS-encoded font.