[php-maint] Bug#439927: CVE-2007-4033: Buffer overflow in GD extension

Thijs Kinkhorst thijs at debian.org
Tue Aug 28 14:28:00 UTC 2007

Package: php5
Tags: security


A security issue has been reported against the GD extension in PHP:

> Buffer overflow in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3
> allows context-dependent attackers to execute arbitrary code via a long
> argument to the imagepsloadfont function.  

I've tried to assess whether Debian is vulnerable to this, but cannot come to 
a definitive "yes" or "no". Could you please investigate?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070828/e756234f/attachment.pgp 

More information about the pkg-php-maint mailing list