Description

Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.

Remediation

References

CVE-2007-4033

Related Vulnerabilities

phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)

ProjectSend Use of Insufficiently Random Values Vulnerability (CVE-2024-7659)

Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20506)

WordPress Plugin Comment Extra Fields 'cef-upload.php' Arbitrary File Upload (1.7)

Nginx Insufficient Session Expiration Vulnerability (CVE-2014-3616)

Severity

High

Classification

CVE-2007-4033 CWE-119

Tags

Missing Update Known Vulnerabilities