EUVD-2022-53082

Malicious code in bioql PyPI...

BIT-PHP-MIN-2022-31630 OOB read due to insufficient input validation in imageloadfont()

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...

CVE-2022-31630

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...

PT-2022-5981 · Unknown +10 · Gd Extension +10

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 7.4.33, 8.0.25 and 8.1.12 Description: The issue is related to the imageloadfont function in the gd extension, which can be exploited by providing a specially crafted font file. When the loaded font is used with the...

RedHat Security Advisory RHSA-2009:0337

The remote host is missing updates announced in advisory RHSA-2009:0337. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP scrip...

php: buffer overflow in the imageloadfont function in gd extension

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

CVE-2008-3658

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...