CVSS: 7.5EPSS: 11%CPEs: 1EXPL: 0CVE-2007-3475 – libgd Denial of service by GIF images without a global color map
https://notcve.org/view.php?id=CVE-2007-3475
28 Jun 2007 — The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. GD Graphics Library (libgd) anterior a 2.0.35 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) mediante una imagen GIF que no tiene color global de mapa. • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-3476 – libgd Denial of service by corrupted GIF images
https://notcve.org/view.php?id=CVE-2007-3476
28 Jun 2007 — Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. Error de índice de array en gd_gif_in.c de la librería gráfica GD (libgd) anterior a 2.0.35 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída y corrupción del montículo) mediante valores de í... • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 11%CPEs: 1EXPL: 0CVE-2007-3478
https://notcve.org/view.php?id=CVE-2007-3478
28 Jun 2007 — Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. Condición de carrera en gdImageStringFTEx (gdft_draw_bitmap) en gdft.c en GD Graphics Library (libgd) anterior a 2.0.35 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) mediante vectores no especi... • http://bugs.libgd.org/?do=details&task_id=48 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 4%CPEs: 13EXPL: 0CVE-2007-0455 – gd: buffer overrun
https://notcve.org/view.php?id=CVE-2007-0455
30 Jan 2007 — Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Desbordamiento de búfer en la función gdImageStringFTEx en gdft.c de GD Graphics Library 2.0.33 y anteriores permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) y posiblemente ejecutar código de su elección mediante una ... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 4%CPEs: 14EXPL: 0CVE-2004-0941 – gd: additional overflows
https://notcve.org/view.php?id=CVE-2004-0941
19 Nov 2004 — Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. New libwmf packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. • http://secunia.com/advisories/13179 •
CVSS: 10.0EPSS: 36%CPEs: 25EXPL: 1CVE-2004-0990 – GD Graphics Library - Local Heap Overflow
https://notcve.org/view.php?id=CVE-2004-0990
28 Oct 2004 — Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. • https://www.exploit-db.com/exploits/600 •