FsPHPGallery Image Resize DoS

2004-11-02T11:30:04
ID OSVDB:11389
Type osvdb
Reporter OSVDB
Modified 2004-11-02T11:30:04

Description

Vulnerability Description

FsPHPGallery contains a flaw that may allow a remote denial of service. The issue is triggered by improper bounds checking when large user-supplied images are resized, and results in loss of availability for the server.

Solution Description

Upgrade to version 1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://gallery.devrandom.org.uk/
Vendor Specific News/Changelog Entry: http://gallery.devrandom.org.uk/cgi-bin/viewcvs.cgi/fsphpgallery/ChangeLog?rev=HEAD&content-type=text/vnd.viewcvs-markup
Security Tracker: 1012063
Secunia Advisory ID: 13074
ISS X-Force ID: 17947
CVE-2004-2223
Bugtraq ID: 11594