PHPDeveloper.org: Secunia.com: PHP "gdPngReadData()" Truncated PNG Data Denial of Service

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Chegg Seeks Senior PHP Developer (Santa Clara, CA)

Job Posting: TEKSystems (Recruiter) Seeks PHP Web Application Developers (Tampa, FL)

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

News Archive

Andre Liem's Blog: 5 tips and tools to optimize your php application - Part 1 simple

Job Posting: Chegg Seeks Senior PHP Developer (Santa Clara, CA)

Robert Basic's Blog: MyUrl view helper for Zend Framework

Laknath Semage's Blog: PHP + Large files

NETTUTS.com: Mimicking Apple's Address Book for the Web

Martynas Jusevicius' Blog: Method overloading in PHP 5

DevShed: Authentication Scripts for a User Management Application

Community News: PHP Advent 2008

Ibuildings Blog: Zend_Paginator: First Impressions

Community News: Latest PECL Releases for 12.02.2008

Secunia.com:
PHP "gdPngReadData()" Truncated PNG Data Denial of Service

by Chris Cornutt May 22, 2007 @ 11:09:00

Secunia has posted this new advisory today about an issue with the GD graphics library functionality in PHP that could be used to cause a Denial of Service via a truncated PNG image.

The vulnerability is caused due to the incorrect use of libpng within the function "gdPngReadData()" in ext/gd/libgd/gd_png.c of the GD extension when processing truncated data. This can be exploited to cause an infinite loop by e.g. tricking an application to process a specially crafted file. (reported by Xavier Roche)

This issue has been confirmed in PHP versions 4.4.7 and 5.2.2 but may affect others. The issue has already been corrected, however, and can be fetched from the PHP CVS system to protect your system.

0 comments voice your opinion now!
gd image png truncate denialofservice secunia gdpngreaddata gd image png truncate denialofservice secunia gdpngreaddata

Similar Posts

Stoyan Stefanov's Blog: Laziest image resize in PHP

ASys DataService\'s Blog: Rounded corners using PHP and the GD library

Secunia.com: rPath update for gd, php, php-mysql, and php-pgsql

DevShed: An Image is Worth a Thousand Words in PHP

Richard Davey's Blog: Interesting memory use with GD images

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework