ID: 30718 Updated by: [EMAIL PROTECTED] Reported By: hunter at comsys dot com dot ua -Status: Open +Status: Bogus Bug Type: GD related Operating System: any PHP Version: Irrelevant New Comment:
This is not true. The integer overflow is not possible in PHP as we use a different function to allocate memory which checks for those overflows. Previous Comments: ------------------------------------------------------------------------ [2004-11-08 13:06:13] hunter at comsys dot com dot ua Description: ------------ Integer overflow in GD Graphics Library (libgd) 2.0.28, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function. The libgd library shipped with PHP is vulnerable. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=30718&edit=1
