{"id":"CVE-2007-1001","details":"Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.","modified":"2026-01-27T04:07:47.949794Z","published":"2007-04-06T00:19:00Z","withdrawn":"2026-01-27T04:07:47.949794Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2007-0155.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24814"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24909"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24924"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24945"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24965"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25056"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25151"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25445"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26235"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200705-19.xml"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2007_32_php.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0153.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0162.html"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2007/1269"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2007/2732"},{"type":"ARTICLE","url":"http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html"},{"type":"WEB","url":"http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1"},{"type":"WEB","url":"http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markup"},{"type":"WEB","url":"http://docs.info.apple.com/article.html?artnum=306172"},{"type":"WEB","url":"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"},{"type":"WEB","url":"http://us2.php.net/releases/4_4_7.php"},{"type":"WEB","url":"http://us2.php.net/releases/5_2_2.php"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/464957/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/466166/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/bid/23357"},{"type":"WEB","url":"http://www.securityfocus.com/bid/25159"},{"type":"WEB","url":"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.470053"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33453"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-1268"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179"}],"schema_version":"1.7.3"}