Description

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

Remediation

References

CVE-2008-3658

Related Vulnerabilities

WordPress Plugin File Manager Unspecified Vulnerability (5.1.5)

RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-0899)

WordPress Plugin Cookiebot-GDPR/CCPA Compliant Cookie Consent and Control Cross-Site Scripting (3.6.0)

WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)

PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10211)

Severity

High

Classification

CVE-2008-3658 CWE-119

Tags

Missing Update Known Vulnerabilities