CVE-2007-3476

Published: 28/06/2007 Updated: 16/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

Array index error in gd_gif_in.c in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

Vulnerable Product

gd graphics library gdlib

Vendor Advisories

Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code (CVE-2009-3546) ...

Multiple vulnerabilities have been identified in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2445: Grayscale PNG files containing invalid tRNS chunk CRC values could cause a denial of service (crash), if a maliciously ...

References

CWE-189
http://www.libgd.org/ReleaseNote020035
http://bugs.libgd.org/?do=details&task_id=87
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
https://issues.rpath.com/browse/RPL-1643
https://bugzilla.redhat.com/show_bug.cgi?id=277421
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.trustix.org/errata/2007/0024/
http://www.securityfocus.com/bid/24651
http://secunia.com/advisories/25860
http://secunia.com/advisories/26272
http://secunia.com/advisories/26390
http://secunia.com/advisories/26415
http://secunia.com/advisories/26467
http://secunia.com/advisories/26663
http://secunia.com/advisories/26766
http://secunia.com/advisories/26856
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://secunia.com/advisories/29157
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://secunia.com/advisories/30168
http://www.debian.org/security/2008/dsa-1613
http://secunia.com/advisories/31168
http://www.vupen.com/english/advisories/2011/0022
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://secunia.com/advisories/42813
http://osvdb.org/37741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10348
http://www.securityfocus.com/archive/1/478796/100/0/threaded
https://usn.ubuntu.com/854-1/
https://nvd.nist.gov