CVE-2007-2756 - CVE Reference - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

CVE Reference: CVE-2007-2756

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2756

Description: The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34420 UBUNTU http://www.ubuntu.com/usn/usn-473-1 TRUSTIX http://www.trustix.org/errata/2007/0023/ http://www.trustix.org/errata/2007/0019/ SUSE http://www.novell.com/linux/security/advisories/2007_13_sr.html http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html ST 1018187 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863 SAID Secunia Advisory: SA27102 Secunia Advisory: SA27545 Secunia Advisory: SA25787 Secunia Advisory: SA27110 Secunia Advisory: SA27037 Secunia Advisory: SA26967 Secunia Advisory: SA26895 Secunia Advisory: SA26871 Secunia Advisory: SA26930 Secunia Advisory: SA26390 Secunia Advisory: SA26231 Secunia Advisory: SA26048 Secunia Advisory: SA25855 Secunia Advisory: SA25657 Secunia Advisory: SA25658 Secunia Advisory: SA25646 Secunia Advisory: SA25575 Secunia Advisory: SA25590 Secunia Advisory: SA25535 Secunia Advisory: SA25353 Secunia Advisory: SA25362 Secunia Advisory: SA25378 Secunia Advisory: SA29157 Secunia Advisory: SA30168 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0146.html http://www.redhat.com/support/errata/RHSA-2007-0890.html http://rhn.redhat.com/errata/RHSA-2007-0889.html http://www.redhat.com/support/errata/RHSA-2007-0891.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 http://www.mandriva.com/security/advisories?name=MDKSA-2007:122 http://www.mandriva.com/security/advisories?name=MDKSA-2007:123 http://www.mandriva.com/security/advisories?name=MDKSA-2007:124 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 GENTOO http://security.gentoo.org/glsa/glsa-200708-05.xml http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml http://security.gentoo.org/glsa/glsa-200711-34.xml http://security.gentoo.org/glsa/glsa-200805-13.xml FEDORA CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm http://www.libgd.org/ReleaseNote020035 http://www.php.net/releases/5_2_3.php http://bugs.libgd.org/?do=details&task_id=86 BID 24089

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	OpenBSD BIND Query Port DNS Cache Poisoning

3.	Apple Safari Cross-Domain Cookie Injection Vulnerability

4.	Drupal Session Fixation Vulnerability

5.	Red Hat update for thunderbird

6.	Debian update for clamav

7.	Red Hat update for kernel

8.	Slackware update for dnsmasq

9.	Ubuntu update for php

10.	IPCop update for perl