NVD

Id
3526  
Name
CVE-2008-3658  
Description
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-08-14  
Modified Date
2013-08-01  
Seq
2008-3658  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
22266 3526 CVE-2008-3658 http://bugs.gentoo.org/show_bug.cgi?id=234102  View
22267 3526 CVE-2008-3658 APPLE-SA-2009-05-12  View
22268 3526 CVE-2008-3658 SUSE-SR:2008:018  View
22269 3526 CVE-2008-3658 SUSE-SR:2008:021  View
22270 3526 CVE-2008-3658 SSRT090005  View
22271 3526 CVE-2008-3658 HPSBUX02465  View
22272 3526 CVE-2008-3658 http://news.php.net/php.cvs/51219  View
22273 3526 CVE-2008-3658 oval:org.mitre.oval:def:9724  View
22274 3526 CVE-2008-3658 GLSA-200811-05  View
22275 3526 CVE-2008-3658 http://support.apple.com/kb/HT3549  View
22276 3526 CVE-2008-3658 http://wiki.rpath.com/Advisories:rPSA-2009-0035  View
22277 3526 CVE-2008-3658 DSA-1647  View
22278 3526 CVE-2008-3658 MDVSA-2009:021  View
22279 3526 CVE-2008-3658 MDVSA-2009:022  View
22280 3526 CVE-2008-3658 MDVSA-2009:023  View
22281 3526 CVE-2008-3658 MDVSA-2009:024  View
22282 3526 CVE-2008-3658 [oss-security] 20080808 CVE request: php-5.2.6 overflow issues  View
22283 3526 CVE-2008-3658 [oss-security] 20080813 Re: CVE request: php-5.2.6 overflow issues  View
22284 3526 CVE-2008-3658 http://www.php.net/archive/2008.php#id2008-08-07-1  View
22285 3526 CVE-2008-3658 RHSA-2009:0350  View
22286 3526 CVE-2008-3658 HPSBTU02382  View
22287 3526 CVE-2008-3658 20090302 rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl  View
22288 3526 CVE-2008-3658 30649  View
22289 3526 CVE-2008-3658 TA09-133A  View
22290 3526 CVE-2008-3658 ADV-2008-2336  View
22291 3526 CVE-2008-3658 ADV-2008-3275  View
22292 3526 CVE-2008-3658 ADV-2009-0320  View
22293 3526 CVE-2008-3658 ADV-2009-1297  View
22294 3526 CVE-2008-3658 php-imageloadfont-dos(44401)  View
22295 3526 CVE-2008-3658 FEDORA-2009-3768  View
22296 3526 CVE-2008-3658 FEDORA-2009-3848  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46423 JVNDB-2008-001733 PHP の imageloadfont 関数におけるバッファオーバーフローの脆弱性 PHP の ext/gd/gd.c における imageloadfont 関数には、フォントファイルの処理に不備があるため、バッファオーバーフローの脆弱性が存在します。 CVE-2008-3658 33771 CVE-2008-3658 3526 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001733.html 2008-08-07 2009-11-16 View