CVE-2007-3473

Published: 28/06/2007 Updated: 16/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The gdImageCreateXbm function in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.

Vulnerable Product

libgd gd graphics library

Vendor Advisories

It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application (CVE-2015-0 ...
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure ...

Exploits

source: www.securityfocus.com/bid/24651/info. The GD graphics library is prone to multiple vulnerabilities. An attacker can exploit this issue to cause denial-of-service conditions or execute arbitrary code in the context of applications implementing the affected library. Versions prior to GD graphics library 2.0.35 are reported vulnerable ...

References

NVD-CWE-noinfo

http://bugs.libgd.org/?do=details&task_id=94
http://www.libgd.org/ReleaseNote020035
http://secunia.com/advisories/25855
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
https://issues.rpath.com/browse/RPL-1643
https://bugzilla.redhat.com/show_bug.cgi?id=277421
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.trustix.org/errata/2007/0024/
http://www.securityfocus.com/bid/24651
http://secunia.com/advisories/25860
http://secunia.com/advisories/26272
http://secunia.com/advisories/26390
http://secunia.com/advisories/26415
http://secunia.com/advisories/26467
http://secunia.com/advisories/26663
http://secunia.com/advisories/26766
http://secunia.com/advisories/26856
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://secunia.com/advisories/29157
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://secunia.com/advisories/30168
http://www.vupen.com/english/advisories/2011/0022
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://secunia.com/advisories/42813
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://www.vupen.com/english/advisories/2007/2336
http://osvdb.org/37744
https://exchange.xforce.ibmcloud.com/vulnerabilities/35109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11806
http://www.securityfocus.com/archive/1/478796/100/0/threaded
https://nvd.nist.gov
https://alas.aws.amazon.com/ALAS-2015-604.html
https://www.exploit-db.com/exploits/30251/