English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-11
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 28 Feb 2007
 Last revised: 28 Feb 2007

 Package: php

 Summary: Buffer overflow

 More information:
    PHP is an HTML-embedded scripting language.

    Buffer overflow vulnerability exists in php GD Graphics Library.
    
 Impact:
    This vulnerability may allow remote attackers to execute arbitrary
    code via a crafted string with a JIS encoded font.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   php4-4.3.11-10.src.rpm
     12522722 7dac8c434ed80a6e27aa9e59584b473e

   Binary Packages
   Size: MD5

   php4-4.3.11-10.i586.rpm
      5360755 12d37116eb1b4ee3191662ce56d8e7ec
   php4-gd-4.3.11-10.i586.rpm
        47400 ff1046801594b896c6b197d230730b65
   php4-imap-4.3.11-10.i586.rpm
        12809 0511407be90ee9fc7efed9cc85caf06c
   php4-ldap-4.3.11-10.i586.rpm
        36168 c207bb93afcd4f44f295d53669413a0a
   php4-manual-4.3.11-10.i586.rpm
      7504084 17528b92e6f24ea36b2980e68971c10b
   php4-ming-4.3.11-10.i586.rpm
        47597 3d2fb8e69a8fbc4e1aff246c2a8823d8
   php4-mysql-4.3.11-10.i586.rpm
       123493 9642371c62acb3595e4f66d3b853cbbb
   php4-pgsql-4.3.11-10.i586.rpm
        72722 3c976ec6c455b3233a98a7a0c9005cb3

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/php4-4.3.9-15.src.rpm
     12369640 6d3b874e93858d5bd43e0ef55d104ed7

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-4.3.9-15.x86_64.rpm
      5476858 9483241f63037294e899256e96585949
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-debug-4.3.9-15.x86_64.rpm
      6577964 5b94bc7f209b3d890c9c2f3f429cd1ec
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-gd-4.3.9-15.x86_64.rpm
        51004 b1662e4bfc903670f4f3092bccea482e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-imap-4.3.9-15.x86_64.rpm
        11367 e52432a43a1cb7b75059fc289103425e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ldap-4.3.9-15.x86_64.rpm
        39190 0eea2fa53f2da1e644ac4bc89a0db592
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-manual-4.3.9-15.x86_64.rpm
      7502884 d2271a9151a089149543eab6ff29dd00
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ming-4.3.9-15.x86_64.rpm
        51295 3da84d0aa895ed1e889e83119f622b21
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-mysql-4.3.9-15.x86_64.rpm
       134598 d78ce08a56066395ca9cc55e1db739ef
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-pgsql-4.3.9-15.x86_64.rpm
        76237 75c18a6c53d58f4ec345bf38868268a0

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/php4-4.3.11-10.src.rpm
     12522722 7dac8c434ed80a6e27aa9e59584b473e

   Binary Packages
   Size: MD5

   php4-4.3.11-10.i586.rpm
      5360755 12d37116eb1b4ee3191662ce56d8e7ec
   php4-debug-4.3.11-10.i586.rpm
      6442907 df9f85275da3b04c56087594eb15d73e
   php4-gd-4.3.11-10.i586.rpm
        47400 ff1046801594b896c6b197d230730b65
   php4-imap-4.3.11-10.i586.rpm
        12809 0511407be90ee9fc7efed9cc85caf06c
   php4-ldap-4.3.11-10.i586.rpm
        36168 c207bb93afcd4f44f295d53669413a0a
   php4-manual-4.3.11-10.i586.rpm
      7504084 17528b92e6f24ea36b2980e68971c10b
   php4-ming-4.3.11-10.i586.rpm
        47597 3d2fb8e69a8fbc4e1aff246c2a8823d8
   php4-mysql-4.3.11-10.i586.rpm
       123493 9642371c62acb3595e4f66d3b853cbbb
   php4-pgsql-4.3.11-10.i586.rpm
        72722 3c976ec6c455b3233a98a7a0c9005cb3

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/php4-4.3.3-21.src.rpm
      4197223 bf2533e85d18b4f37a0063d14a12884c

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-4.3.3-21.i586.rpm
      3408820 9356fd085a41f059d717e37299237a53
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-gd-4.3.3-21.i586.rpm
        31884 369b9da9e15f2b284a3dafa308eb3969
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-imap-4.3.3-21.i586.rpm
        10496 af3e3362d06a5ff494944b78689b6404
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ldap-4.3.3-21.i586.rpm
        24867 cc94dfbfe2320d0aca30f5ec37d8562c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-manual-4.3.3-21.i586.rpm
       342888 d068cdf026a5880c8ebea0c899fe1ec1
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ming-4.3.3-21.i586.rpm
        31384 44beb1f296bde3e07ef9303a8795cd67
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-mysql-4.3.3-21.i586.rpm
        82396 2583d946780b5d61b411287a813b4985
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-pgsql-4.3.3-21.i586.rpm
        48884 fb0d9f660d54c495b6f51c82f2f16ae0

 
 References:

 CVE
   [CVE-2007-0455]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455

 --------------------------------------------------------------------------
 Revision History
    28 Feb 2007 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2007 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFF5SwEK0LzjOqIJMwRAuDdAJ9L0l0XoncZPUjKEQWwyI0jofAtYwCeI3l4
p0MX7rx6iEBovE7IHklOGmo=
=oiZN
-----END PGP SIGNATURE-----



© 1998-2025 E-Soft Inc. All rights reserved.