Description
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.
References (12)
Core 12
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:285
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37069
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0003.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37080
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36712
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38055
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2929
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=125562113503923&w=2
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11199
Various Sources x_refsource_confirm
http://svn.php.net/viewvc?view=revision&revision=289557
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/11/20/5
Patch, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2930
Scores
EPSS
0.0466
EPSS Percentile
89.4%
Details
CWE
CWE-119
Status
published
Products (6)
libgd/gd_graphics_library
2.0.33
libgd/gd_graphics_library
2.0.34 (3 CPE variants)
libgd/gd_graphics_library
2.0.35 (6 CPE variants)
libgd/gd_graphics_library
2.0.36 rc1
php/php
5.2.11
php/php
5.3.0
Published
Oct 19, 2009
Tracked Since
Feb 18, 2026