Computer Security
[EN] securityvulns.ru no-pyccku


gb and libgd library multiple security vulnerabilities
Published:05.08.2007
Source:
SecurityVulns ID:8004
Type:library
Threat Level:
6/10
Description:Multiple vulnerabilities on GIF parsing.
Affected:GD : libgd 2.0
CVE:CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.)
 CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.)
 CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.)
 CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities (05.08.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod