CVE-2007-1001

Impact:
Moderate
Public Date:
2007-03-10
Bugzilla:
1618291: CVE-2007-1001 security flaw

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.

Find out more about CVE-2007-1001 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue was fixed in php package updates for Red Hat Enterprise Linux and Red Hat Application Stack:
http://rhn.redhat.com/cve/CVE-2007-1001.html

This issue did not affect the versions of gd as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (php) RHSA-2007:0155 2007-04-16
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (php) RHSA-2007:0162 2007-04-16
Red Hat Enterprise Linux 4 (php) RHSA-2007:0155 2007-04-16
Red Hat Enterprise Linux 5 (php) RHSA-2007:0153 2007-04-20
Last Modified

CVE description copyright © 2017, The MITRE Corporation