Description

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

Remediation

References

CVE-2008-3658

Related Vulnerabilities

PrestaShop CVE-2020-26224 Vulnerability (CVE-2020-26224)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)

WordPress Plugin Coming soon and Maintenance mode Cross-Site Scripting (3.5.2)

WordPress Plugin Custom Post Type UI Cross-Site Request Forgery (1.7.3)

TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4321)

Severity

High

Classification

CVE-2008-3658 CWE-119

Tags

Missing Update Known Vulnerabilities