what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-3475

Status Candidate

Overview

The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.

Related Files

Ubuntu Security Notice 854-1
Posted Nov 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 854-1 - Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2009-3293, CVE-2009-3546, CVE-2007-3476
SHA-256 | b73b36b887d79ca9e33bd11f21234253e6b1365bba9dccdfd6ef80ad069bb5e6
Mandriva Linux Security Advisory 2007.164
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause tetex to crash and possibly execute arbitrary code open a user opening the file. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
SHA-256 | 4b9691f84f1ab3a6e1240a51aa912ed2ec78100d92ca0a1bb83a43b08e97b10a
Gentoo Linux Security Advisory 200708-5
Posted Aug 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-05 - Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a truncated PNG file. An integer overflow has been discovered in the gdImageCreateTrueColor() function. An error has been discovered in the function gdImageCreateXbm() function. Unspecified vulnerabilities have been discovered in the GIF reader. An error has been discovered when processing a GIF image that has no global color map. An array index error has been discovered in the file gd_gif_in.c when processing images with an invalid color index. An error has been discovered in the imagearc() and imagefilledarc() functions when processing overly large angle values. A race condition has been discovered in the gdImageStringFTEx() function. Versions less than 2.0.35 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-2756, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
SHA-256 | 06d495eaea35eb5629fd2f5874dc7dfd0264041926be392389ec9ced057b04f5
Mandriva Linux Security Advisory 2007.153
Posted Aug 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - GD versions prior to 2.0.35 have a number of bugs which potentially lead to denial of service and possibly other issues.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
SHA-256 | 9b71e11c51ed034a2840a9c503b261abdb6dae6e78d6a53dac32de5e6e56e4d5
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    27 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close