CVE-2007-4033

NONE EPSS 96.9%
Published Jul 27, 200718y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jul 27, 2007 18y ago
Last Modified Jun 16, 2026 2w ago

Description

Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.

Threat Intelligence

EPSS Exploit Probability
96.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 2

VendorProductVersionRange
phpphp5.2.3any
t1libt1lib5.1.1any

References 40

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.