PHP '_gdGetColors()' Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is running PHP and is prone to Buffer Overflow vulnerability.

Impact

Successful exploitation could allow attackers to potentially compromise a vulnerable system. Impact Level: System

Solution

Apply patches from SVN repository, http://svn.php.net/viewvc?view=revision&revision=289557 ***** NOTE: Ignore this warning if patch is already applied. *****

Insight

The flaw is due to error in '_gdGetColors' function in gd_gd.c which fails to check certain colorsTotal structure member, whicn can be exploited to cause buffer overflow or buffer over-read attacks via a crafted GD file.

Affected

PHP version 5.2.x to 5.2.11 and 5.3.0 on Linux.

References

http://marc.info/?l=oss-security&m=125562113503923&w=2
http://secunia.com/advisories/37080/
http://www.vupen.com/english/advisories/2009/2930

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3546

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
ALLMediaServer Request Handling Stack Buffer Overflow Vulnerability
Amarok Player Multiple Vulnerabilities
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)

Take action and discover your vulnerabilities