ID |
CVE-2007-3475
|
Summary |
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.3 (as of 16-10-2018 - 16:49) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
oval
via4
|
accepted | 2013-04-29T04:21:40.841-04:00 | class | vulnerability | contributors | name | Aharon Chernin | organization | SCAP.com, LLC |
name | Dragos Prisaca | organization | G2, Inc. |
| definition_extensions | comment | The operating system installed on the system is Red Hat Enterprise Linux 4 | oval | oval:org.mitre.oval:def:11831 |
comment | CentOS Linux 4.x | oval | oval:org.mitre.oval:def:16636 |
comment | Oracle Linux 4.x | oval | oval:org.mitre.oval:def:15990 |
comment | The operating system installed on the system is Red Hat Enterprise Linux 5 | oval | oval:org.mitre.oval:def:11414 |
comment | The operating system installed on the system is CentOS Linux 5.x | oval | oval:org.mitre.oval:def:15802 |
comment | Oracle Linux 5.x | oval | oval:org.mitre.oval:def:15459 |
| description | The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | family | unix | id | oval:org.mitre.oval:def:9728 | status | accepted | submitted | 2010-07-09T03:56:16-04:00 | title | The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | version | 30 |
|
redhat
via4
|
advisories | | rpms | - gd-0:2.0.28-5.4E.el4_6.1
- gd-0:2.0.33-9.4.el5_1.1
- gd-debuginfo-0:2.0.28-5.4E.el4_6.1
- gd-debuginfo-0:2.0.33-9.4.el5_1.1
- gd-devel-0:2.0.28-5.4E.el4_6.1
- gd-devel-0:2.0.33-9.4.el5_1.1
- gd-progs-0:2.0.28-5.4E.el4_6.1
- gd-progs-0:2.0.33-9.4.el5_1.1
|
|
refmap
via4
|
bid | 24651 | bugtraq | 20070907 FLEA-2007-0052-1 gd | confirm | | fedora | - FEDORA-2007-2055
- FEDORA-2007-692
- FEDORA-2010-19022
- FEDORA-2010-19033
| gentoo | - GLSA-200708-05
- GLSA-200711-34
- GLSA-200805-13
| mandriva | - MDKSA-2007:153
- MDKSA-2007:164
| misc | http://www.libgd.org/ReleaseNote020035 | secunia | - 25860
- 26272
- 26390
- 26415
- 26467
- 26663
- 26766
- 26856
- 29157
- 30168
- 42813
| suse | SUSE-SR:2007:015 | trustix | 2007-0024 | vupen | ADV-2011-0022 |
|
statements
via4
|
contributor | Mark J Cox | lastmodified | 2007-09-05 | organization | Red Hat | statement | Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3475
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. |
|
Last major update |
16-10-2018 - 16:49 |
Published |
28-06-2007 - 18:30 |
Last modified |
16-10-2018 - 16:49 |