Computer Security
[EN] securityvulns.ru no-pyccku


libgd PNG DoS
Published:14.06.2007
Source:
SecurityVulns ID:7814
Type:library
Threat Level:
5/10
Description:Resource exhaustion on PNG parsing.
Affected:GD : libgd 2.0
 PHP : PHP 4.4
 FREETYPE : freetype 2.2
 TETEX : tetex 3.0
 LIBWMF : libwmf 0.2
 PHP : PHP 5.2
CVE:CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.)
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability (14.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod