Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
- http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html
- https://github.com/a85tract/Lancet
- https://github.com/mudongliang/LinuxFlaw
- https://github.com/oneoy/cve-