JVN/CVE Demo: Cveinfos

CVE

Id: 23812
CVE No.: CVE-2007-0455
Status: Candidate
Description: Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
Phase: Assigned (20070123)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
231534	23812	CVE-2007-0455	BUGTRAQ:20070418 rPSA-2007-0073-1 php php-mysql php-pgsql	View
231535	23812	CVE-2007-0455	URL:http://www.securityfocus.com/archive/1/archive/1/466166/100/0/threaded	View
231536	23812	CVE-2007-0455	MLIST:[security-announce] 20070208 rPSA-2007-0028-1 gd	View
231537	23812	CVE-2007-0455	URL:http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html	View
231538	23812	CVE-2007-0455	CONFIRM:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607	View
231539	23812	CVE-2007-0455	CONFIRM:https://issues.rpath.com/browse/RPL-1030	View
231540	23812	CVE-2007-0455	CONFIRM:https://issues.rpath.com/browse/RPL-1268	View
231541	23812	CVE-2007-0455	FEDORA:FEDORA-2007-150	View
231542	23812	CVE-2007-0455	URL:http://fedoranews.org/cms/node/2631	View
231543	23812	CVE-2007-0455	FEDORA:FEDORA-2010-19022	View
231544	23812	CVE-2007-0455	URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html	View
231545	23812	CVE-2007-0455	FEDORA:FEDORA-2010-19033	View
231546	23812	CVE-2007-0455	URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html	View
231547	23812	CVE-2007-0455	MANDRIVA:MDKSA-2007:035	View
231548	23812	CVE-2007-0455	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:035	View
231549	23812	CVE-2007-0455	MANDRIVA:MDKSA-2007:036	View
231550	23812	CVE-2007-0455	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:036	View
231551	23812	CVE-2007-0455	MANDRIVA:MDKSA-2007:038	View
231552	23812	CVE-2007-0455	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:038	View
231553	23812	CVE-2007-0455	MANDRIVA:MDKSA-2007:109	View
231554	23812	CVE-2007-0455	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:109	View
231555	23812	CVE-2007-0455	REDHAT:RHSA-2007:0155	View
231556	23812	CVE-2007-0455	URL:http://rhn.redhat.com/errata/RHSA-2007-0155.html	View
231557	23812	CVE-2007-0455	REDHAT:RHSA-2007:0153	View
231558	23812	CVE-2007-0455	URL:http://www.redhat.com/support/errata/RHSA-2007-0153.html	View
231559	23812	CVE-2007-0455	REDHAT:RHSA-2007:0162	View
231560	23812	CVE-2007-0455	URL:http://www.redhat.com/support/errata/RHSA-2007-0162.html	View
231561	23812	CVE-2007-0455	REDHAT:RHSA-2008:0146	View
231562	23812	CVE-2007-0455	URL:http://www.redhat.com/support/errata/RHSA-2008-0146.html	View
231563	23812	CVE-2007-0455	TRUSTIX:2007-0007	View
231564	23812	CVE-2007-0455	URL:http://www.trustix.org/errata/2007/0007	View
231565	23812	CVE-2007-0455	UBUNTU:USN-473-1	View
231566	23812	CVE-2007-0455	URL:http://www.ubuntu.com/usn/usn-473-1	View
231567	23812	CVE-2007-0455	BID:22289	View
231568	23812	CVE-2007-0455	URL:http://www.securityfocus.com/bid/22289	View
231569	23812	CVE-2007-0455	OVAL:oval:org.mitre.oval:def:11303	View
231570	23812	CVE-2007-0455	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11303	View
231571	23812	CVE-2007-0455	SECUNIA:42813	View
231572	23812	CVE-2007-0455	URL:http://secunia.com/advisories/42813	View
231573	23812	CVE-2007-0455	VUPEN:ADV-2007-0400	View
231574	23812	CVE-2007-0455	URL:http://www.vupen.com/english/advisories/2007/0400	View
231575	23812	CVE-2007-0455	SECUNIA:23916	View
231576	23812	CVE-2007-0455	URL:http://secunia.com/advisories/23916	View
231577	23812	CVE-2007-0455	SECUNIA:24022	View
231578	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24022	View
231579	23812	CVE-2007-0455	SECUNIA:24052	View
231580	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24052	View
231581	23812	CVE-2007-0455	SECUNIA:24053	View
231582	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24053	View
231583	23812	CVE-2007-0455	SECUNIA:24107	View
231584	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24107	View
231585	23812	CVE-2007-0455	SECUNIA:24143	View
231586	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24143	View
231587	23812	CVE-2007-0455	SECUNIA:24151	View
231588	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24151	View
231589	23812	CVE-2007-0455	SECUNIA:24924	View
231590	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24924	View
231591	23812	CVE-2007-0455	SECUNIA:24965	View
231592	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24965	View
231593	23812	CVE-2007-0455	SECUNIA:24945	View
231594	23812	CVE-2007-0455	URL:http://secunia.com/advisories/24945	View
231595	23812	CVE-2007-0455	SECUNIA:25575	View
231596	23812	CVE-2007-0455	URL:http://secunia.com/advisories/25575	View
231597	23812	CVE-2007-0455	SECUNIA:29157	View
231598	23812	CVE-2007-0455	URL:http://secunia.com/advisories/29157	View
231599	23812	CVE-2007-0455	VUPEN:ADV-2011-0022	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
51549	JVNDB-2007-000211	Wireshark の IEEE 802.11 解析部におけるサービス運用妨害 (DoS) の脆弱性	Wireshark (旧名:Ethereal) には、IEEE 802.11 解析部の不備によりクラッシュする脆弱性が存在します。	CVE-2007-0457	23812	2.9		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000211.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.36 MB
View render complete	2.87 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	5.21
Event: Controller.initialize	0.02
Event: Controller.startup	0.10
Controller action	414.95
Event: Controller.beforeRender	6.78
» Processing toolbar data	6.66
Rendering View	19.62
» Event: View.beforeRender	0.03
» Rendering APP/View/Cveinfos/view.ctp	18.39
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.68
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.13
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/23812
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/23812
Remote Port	17952
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.118
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.69.205
Http Via	1.1 squid-proxy-5b5d847c96-kvcjn (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.118
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.118
Unique Id	aSpwG4J6nGyWFcZ1q5lCHwAAAic
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.118
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.118
Redirect Unique Id	aSpwG4J6nGyWFcZ1q5lCHwAAAic
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.118
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.118
Redirect Redirect Unique Id	aSpwG4J6nGyWFcZ1q5lCHwAAAic
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1764388891.0282
Request Time	1764388891

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files