CVE-2010-4698
Published: 18 January 2011
Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
php5 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.3.4)
|
|
Patches: Upstream: http://svn.php.net/viewvc?view=revision&revision=306075 Upstream: http://svn.php.net/viewvc?view=revision&revision=306236 |
||
Notes
| Author | Note |
|---|---|
| sbeattie | natty needs regression patch applied (commit 306236) |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4698
- https://ubuntu.com/security/notices/USN-1126-1
- NVD
- Launchpad
- Debian