Description

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.

Remediation

References

CVE-2007-1001

Related Vulnerabilities

WordPress Plugin RSVPMaker SQL Injection (7.8.1)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0822)

WordPress Plugin YITH WooCommerce Stripe Security Bypass (2.0.1)

WordPress Plugin Question and Answer Forum 'title' Variable Cross-Site Scripting (1.2.4)

Oracle HTTP Server CVE-2019-2414 Vulnerability (CVE-2019-2414)

Severity

Medium

Classification

CVE-2007-1001

Tags

Missing Update Known Vulnerabilities