FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4484

This CVE name corresponds to:

Entered Topic
2006-09-13 php -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-4484
Phase Assigned(20060831)

Description

Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

References

Source Reference
BUGTRAQ 20061005 rPSA-2006-0182-1 php php-mysql php-pgsql
BUGTRAQ 20080206 rPSA-2008-0046-1 gd
BUGTRAQ 20080212 FLEA-2008-0007-1 gd
CONFIRM http://bugs.php.net/bug.php?id=38112
CONFIRM http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.10&r2=1.11
CONFIRM http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?view=log
CONFIRM http://www.php.net/ChangeLog-5.php#5.1.5
CONFIRM http://www.php.net/release_5_1_5.php
CONFIRM https://issues.rpath.com/browse/RPL-683
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0046
CONFIRM https://issues.rpath.com/browse/RPL-2218
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0046
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=431568
FEDORA FEDORA-2008-1643
MANDRIVA MDKSA-2006:162
MANDRIVA MDVSA-2008:038
MANDRIVA MDVSA-2008:077
REDHAT RHSA-2006:0688
REDHAT RHSA-2008:0146
SGI 20061001-01-P
SUSE SUSE-SA:2006:052
SUSE SUSE-SR:2008:003
SUSE SUSE-SR:2008:005
SUSE SUSE-SR:2008:013
TURBO TLSA-2006-38
UBUNTU USN-342-1
BID 19582
OVAL oval:org.mitre.oval:def:9004
VUPEN ADV-2006-3318
SECTRACK 1016984
SECUNIA 21546
SECUNIA 21768
SECUNIA 21842
SECUNIA 22069
SECUNIA 22225
SECUNIA 22440
SECUNIA 22538
SECUNIA 22487
SECUNIA 22039
SECUNIA 28768
SECUNIA 28838
SECUNIA 28845
SECUNIA 28866
SECUNIA 28959
SECUNIA 29157
SECUNIA 29242
SECUNIA 29546
SECUNIA 30717