Back to search
CVE-2007-4033
Published: Jul 27, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
GLSA-200710-12
vendor-advisory
x_refsource_GENTOO
27743
third-party-advisory
x_refsource_SECUNIA
26901
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10557
vdb-entry
signature
x_refsource_OVAL
php-imagepsloadfont-bo(35620)
vdb-entry
x_refsource_XF
FEDORA-2007-2343
vendor-advisory
x_refsource_FEDORA
20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability
mailing-list
x_refsource_BUGTRAQ
DSA-1390
vendor-advisory
x_refsource_DEBIAN
27297
third-party-advisory
x_refsource_SECUNIA
GLSA-200805-13
vendor-advisory
x_refsource_GENTOO
20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi
mailing-list
x_refsource_BUGTRAQ
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=303021
x_refsource_MISC
FEDORA-2007-750
vendor-advisory
x_refsource_FEDORA
RHSA-2007:1031
vendor-advisory
x_refsource_REDHAT
MDKSA-2007:189
vendor-advisory
x_refsource_MANDRIVA
4227
exploit
x_refsource_EXPLOIT-DB
30168
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1972
x_refsource_CONFIRM
27239
third-party-advisory
x_refsource_SECUNIA
26241
third-party-advisory
x_refsource_SECUNIA
20070921 Re: [USN-515-1] t1lib vulnerability
mailing-list
x_refsource_BUGTRAQ
25079
vdb-entry
x_refsource_BID
27718
third-party-advisory
x_refsource_SECUNIA
http://www.bugtraq.ir/adv/t1lib.txt
x_refsource_MISC
GLSA-200711-34
vendor-advisory
x_refsource_GENTOO
28345
third-party-advisory
x_refsource_SECUNIA
27599
third-party-advisory
x_refsource_SECUNIA
USN-515-1
vendor-advisory
x_refsource_UBUNTU
27439
third-party-advisory
x_refsource_SECUNIA
1018905
vdb-entry
x_refsource_SECTRACK
FEDORA-2007-3390
vendor-advisory
x_refsource_FEDORA
26981
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:1027
vendor-advisory
x_refsource_REDHAT
RHSA-2007:1030
vendor-advisory
x_refsource_REDHAT
MDKSA-2007:230
vendor-advisory
x_refsource_MANDRIVA
26992
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=193437
x_refsource_CONFIRM
SUSE-SR:2007:023
vendor-advisory
x_refsource_SUSE
20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now