CVE-2007-3996

Impact: Moderate
Public Date: 2007-08-30
CWE: CWE-190
Bugzilla: 278031: CVE-2007-3996 php multiple integer overflows in gd

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

Find out more about CVE-2007-3996 from the MITRE CVE dictionary and NIST NVD.

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Enterprise Linux 4 (php) | RHSA-2007:0890 | 2007-09-20
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (php) | RHSA-2007:0891 | 2007-10-25
Red Hat Enterprise Linux 3 (php) | RHSA-2007:0889 | 2007-09-26
Red Hat Enterprise Linux 2.1 (php) | RHSA-2007:0888 | 2007-10-23
Red Hat Enterprise Linux 5 (php) | RHSA-2007:0890 | 2007-09-20
Red Hat Application Stack v2 for Enterprise Linux (v.5) (php) | RHSA-2007:0917 | 2007-10-23

CVE description copyright © 2017, The MITRE Corporation
