OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Full-disclosure] [USN-515-1] t1lib vulnerability

From: Ismail Dönmez (ismailpardus.org.tr)
Date: Fri Sep 21 2007 - 08:21:00 CDT


On Friday 21 September 2007 15:30:31 3APA3A wrote:
> Dear Kees Cook,
>
> CVE-2007-4033 is "Buffer overflow in php_gd2.dll in the gd (PHP_GD2)
> extension in PHP 5.2.3 allows context-dependent attackers to execute
> arbitrary code via a long argument to the imagepsloadfont function."

Correct URL is http://www.bugtraq.ir/adv/t1lib.txt though no CVE is assigned
AFAIK.

Regards,
ismail

--
Be the change you want to see in the world.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/