[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-3478Date: (C)2007-06-28   (M)2023-12-22


Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
2007-0024
http://www.securityfocus.com/archive/1/478796/100/0/threaded
SECUNIA-25855
SECUNIA-26272
SECUNIA-26390
SECUNIA-26415
SECUNIA-26467
SECUNIA-26663
SECUNIA-26766
SECUNIA-26856
SECUNIA-30168
OSVDB-37740
SECUNIA-42813
ADV-2007-2336
ADV-2011-0022
FEDORA-2007-2055
FEDORA-2007-692
FEDORA-2010-19022
FEDORA-2010-19033
GLSA-200708-05
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:153
MDKSA-2007:164
SUSE-SR:2007:015
http://bugs.libgd.org/?do=details&task_id=48
http://bugs.php.net/bug.php?id=40578
http://www.libgd.org/ReleaseNote020035
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://issues.rpath.com/browse/RPL-1643

CWE    1
CWE-362

© SecPod Technologies