[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-3478

Date: (C)2007-06-28   (M)2015-12-16 


Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

CVSS Score: 4.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
2007-0024
http://www.securityfocus.com/archive/1/archive/1/478796/100/0/threaded
SECUNIA-25855
SECUNIA-26272
SECUNIA-26390
SECUNIA-26415
SECUNIA-26467
SECUNIA-26663
SECUNIA-26766
SECUNIA-26856
SECUNIA-30168
OSVDB-37740
SECUNIA-42813
ADV-2007-2336
ADV-2011-0022
FEDORA-2007-2055
FEDORA-2007-692
FEDORA-2010-19022
FEDORA-2010-19033
GLSA-200708-05
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:153
MDKSA-2007:164
SUSE-SR:2007:015
http://bugs.libgd.org/?do=details&task_id=48
http://bugs.php.net/bug.php?id=40578
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://issues.rpath.com/browse/RPL-1643

CWE    1
CWE-362

© 2013 SecPod Technologies