CVE-2006-4484

Published: 31/08/2006 | Updated: 30/10/2018
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Summary

Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP prior to 5.1.5 allows remote malicious users to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

Vendor Advisories

Debian Bug report logs - #485785 libtk-img: CVE-2008-0553 buffer overflow in ReadImage() leading to arbitrary code execution via crafted GIF. Package: libtk-img; Maintainer for libtk-img is Sergei Golovan <sgolovan@debianorg>; Source for libtk-img is src:libtk-img. Reported by: Nico Golde <nion@debian ...
The sscanf() function did not properly check array boundaries. In applications which use sscanf() with argument swapping, a remote attacker could potentially exploit this to crash the affected web application or even execute arbitrary code with the application’s privileges (CVE-2006-4020) ...
Debian Bug report logs - #464056 CVE-2006-4484: buffer overflow in giftopnm. Package: netpbm; Maintainer for netpbm is Andreas Barth <aba@notsoarghorg>; Source for netpbm is src:netpbm-free. Reported by: Stefan Fritsch <sf@sfritschde> Date: Mon, 4 Feb 2008 22:15:01 UTC Severity: important Ta ...
