You are here

CVE-2006-4484

Vincent (CVE) Danen's picture
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

Details Source

Mitre

Public Date

2006-07-16 00:00:00

Impact

Moderate

Bugzilla

CVE-2006-4484 gd: GIF handling buffer overflow

Bugzilla ID

431 568

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (gd) RHSA-2008:0146 2008-02-28
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (php) RHSA-2006:0688 2006-10-05
Red Hat Enterprise Linux 3 (php) RHSA-2006:0669 2006-09-21
Red Hat Enterprise Linux 4 (php) RHSA-2006:0669 2006-09-21
Red Hat Enterprise Linux 5 (gd) RHSA-2008:0146 2008-02-28