CVE-2006-4484

Source
https://nvd.nist.gov/vuln/detail/CVE-2006-4484
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2006-4484.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2006-4484
Related
Published
2006-08-31T21:04:00Z
Modified
2024-07-30T06:23:21.731900Z
Summary
[none]
Details

Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with inputcodesize greater than MAXLWZBITS, which triggers an overflow when initializing the table array.

References

Affected packages

Debian:11 / libgd2

Package

Name
libgd2
Purl
pkg:deb/debian/libgd2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.33-5.1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / libgd2

Package

Name
libgd2
Purl
pkg:deb/debian/libgd2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.33-5.1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / libgd2

Package

Name
libgd2
Purl
pkg:deb/debian/libgd2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.33-5.1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:11 / xloadimage

Package

Name
xloadimage
Purl
pkg:deb/debian/xloadimage?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.1-25

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / xloadimage

Package

Name
xloadimage
Purl
pkg:deb/debian/xloadimage?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.1-25

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / xloadimage

Package

Name
xloadimage
Purl
pkg:deb/debian/xloadimage?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.1-25

Ecosystem specific

{
    "urgency": "unimportant"
}