[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-3476

Date: (C)2007-06-28   (M)2017-10-04
 
CVSS Score: 4.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL











Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

Reference:
2007-0024
http://www.securityfocus.com/archive/1/archive/1/478796/100/0/threaded
BID-24651
SECUNIA-25860
SECUNIA-26272
SECUNIA-26390
SECUNIA-26415
SECUNIA-26467
SECUNIA-26663
SECUNIA-26766
SECUNIA-26856
SECUNIA-29157
SECUNIA-30168
SECUNIA-31168
OSVDB-37741
SECUNIA-42813
ADV-2011-0022
DSA-1613
FEDORA-2007-2055
FEDORA-2007-692
FEDORA-2010-19022
FEDORA-2010-19033
GLSA-200708-05
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:153
MDKSA-2007:164
RHSA-2008:0146
SUSE-SR:2007:015
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
http://bugs.libgd.org/?do=details&task_id=87
http://www.libgd.org/ReleaseNote020035
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://issues.rpath.com/browse/RPL-1643

CWE    1
CWE-189
OVAL    2
oval:org.secpod.oval:def:700361
oval:org.mitre.oval:def:7842

© 2013 SecPod Technologies