libgd PNG DoS
Published:		14.06.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7814
Type:		library
Level:		5/10
Description:		Resource exhaustion on PNG parsing.

Affected:		GD : libgd 2.0
		PHP : PHP 4.4
		FREETYPE : freetype 2.2
		TETEX : tetex 3.0
		LIBWMF : libwmf 0.2
		PHP : PHP 5.2
CVE:		CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.)

Original document

MANDRIVA, [Full-disclosure] [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability (14.06.2007)

Discuss:

Read or add your comments to this news (0 comments)