CVE-2007-4033 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-4033 PUBLISHED CVSS 7.5 HIGH

Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.

EPSS 25.35% · 96.2th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

25.35%

96.2th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
t1lib	t1lib	5.1.1
php	php	5.2.3

Timeline

Jul 27, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Aug 31, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Feb 3, 2024 EPSS Score

References

GLSA-200710-12 vendor-advisory
27743 third-party-advisory
26901 third-party-advisory
oval:org.mitre.oval:def:10557 vdb
php-imagepsloadfont-bo(35620) vdb
FEDORA-2007-2343 vendor-advisory
20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability mailing-list
DSA-1390 vendor-advisory
27297 third-party-advisory
GLSA-200805-13 vendor-advisory
20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi mailing-list
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007 url
https://bugzilla.redhat.com/show_bug.cgi?id=303021 url
FEDORA-2007-750 vendor-advisory
RHSA-2007:1031 vendor-advisory
MDKSA-2007:189 vendor-advisory
4227 exploit
30168 third-party-advisory
https://issues.rpath.com/browse/RPL-1972 url
27239 third-party-advisory

…and 21 more

Open in Interactive Console →