mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 23:14:03 +02:00
0xMarcio
879 B
879 B
CVE-2006-4484
Description
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
POC
Reference
- http://www.redhat.com/support/errata/RHSA-2008-0146.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9004