Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-1001 — Libgd2 vulnerability

CWE-1899 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

11.6%

top 6.33%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Debian Libgd2 PHP

Timeline

PublishedApr 6

Latest updateMay 1

Description

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶debiandebian/libgd2< libgd2 2.0.33-1 (bookworm)

▶NVDphp/php52 versions+51

🔴Vulnerability Details

GHSA

GHSA-62rc-79c5-9jv7: Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp↗2022-05-01

▶

OSV

CVE-2007-1001: Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp↗2007-04-06

▶

💥Exploits & PoCs

Exploit-DB

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition↗2008-02-21

▶

Exploit-DB

X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)↗2008-02-19

▶

Exploit-DB

PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow↗2007-04-07

▶

📋Vendor Advisories

Red Hat

security flaw↗2007-03-10

▶

Debian

CVE-2007-1001: libgd2 - Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in w...↗2007

▶

💬Community

Bugzilla

CVE-2007-1001 security flaw↗2018-08-16

▶