CVE-2007-3478 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-3478
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3478

Description: Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

CVE Status: Candidate

References: TRUSTIX http://www.trustix.org/errata/2007/0024/ SUSE http://www.novell.com/linux/security/advisories/2007_15_sr.html SAID Secunia Advisory: SA26415 Secunia Advisory: SA26390 Secunia Advisory: SA25855 Secunia Advisory: SA26272 Secunia Advisory: SA26467 Secunia Advisory: SA26663 Secunia Advisory: SA26766 Secunia Advisory: SA26856 Secunia Advisory: SA30168 MISC http://bugs.php.net/bug.php?id=40578 http://www.libgd.org/ReleaseNote020035 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:153 http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 GENTOO http://security.gentoo.org/glsa/glsa-200708-05.xml http://security.gentoo.org/glsa/glsa-200805-13.xml http://security.gentoo.org/glsa/glsa-200711-34.xml FEDORA http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html http://fedoranews.org/updates/FEDORA-2007-205.shtml CONFIRM http://bugs.libgd.org/?do=details&task_id=48 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/478796/100/0/threaded

Return to the previous page.