PT-2011-1653 · Php · Php
Published
2011-01-18
·
Updated
2017-09-19
·
CVE-2010-4698
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
PHP versions prior to 5.2.15
PHP versions 5.3.x prior to 5.3.4
Description
The issue is a stack-based buffer overflow in the GD extension, allowing context-dependent attackers to cause a denial of service, specifically an application crash. This can be achieved by providing a large number of anti-aliasing steps in an argument to the
imagepstext function.Recommendations
For PHP versions prior to 5.2.15, update to version 5.2.15 or later.
For PHP versions 5.3.x prior to 5.3.4, update to version 5.3.4 or later.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php