CVE-2007-3475 – libgd Denial of service by GIF images without a global color map
https://notcve.org/view.php?id=CVE-2007-3475
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. GD Graphics Library (libgd) anterior a 2.0.35 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) mediante una imagen GIF que no tiene color global de mapa. • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz http://bugs.libgd.org/?do=details&task_id=70 http://fedoranews.org/updates/FEDORA-2007-205.shtml http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html http://secunia.com/advisories/25860 http://secunia.com/advisories/26272 http://secunia.com/advisories/26390 http://secu •
CVE-2007-3476 – libgd Denial of service by corrupted GIF images
https://notcve.org/view.php?id=CVE-2007-3476
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. Error de índice de array en gd_gif_in.c de la librería gráfica GD (libgd) anterior a 2.0.35 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída y corrupción del montículo) mediante valores de índice de color grandes en datos de imagen manipulados, lo cual resulta en un fallo de segmentación. • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz http://bugs.libgd.org/?do=details&task_id=87 http://fedoranews.org/updates/FEDORA-2007-205.shtml http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html http://osvdb.org/37741 http://secunia.com/advisories/25860 http://secunia.com/advisories/26272 http://secunia.com/a • CWE-189: Numeric Errors •
CVE-2007-3478
https://notcve.org/view.php?id=CVE-2007-3478
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. Condición de carrera en gdImageStringFTEx (gdft_draw_bitmap) en gdft.c en GD Graphics Library (libgd) anterior a 2.0.35 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) mediante vectores no especificados, posiblemente implicando el soporte para fuentes truetype (TTF). • http://bugs.libgd.org/?do=details&task_id=48 http://bugs.php.net/bug.php?id=40578 http://fedoranews.org/updates/FEDORA-2007-205.shtml http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html http://osvdb.org/37740 http://secunia.com/advisories/25855 http://secunia.com/advisories/26272 http://secunia.com/advisories/26390 http://secunia.com/advisories/26415 http://sec • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2007-0455 – gd: buffer overrun
https://notcve.org/view.php?id=CVE-2007-0455
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Desbordamiento de búfer en la función gdImageStringFTEx en gdft.c de GD Graphics Library 2.0.33 y anteriores permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) y posiblemente ejecutar código de su elección mediante una cadena manipulada con una fuente JIS codificada. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607 http://fedoranews.org/cms/node/2631 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html http://rhn.redhat.com/errata/RHSA-2007-0155.html http://secunia.com/advisories/23916 http://secunia.com/advisories/24022 http://secunia.com/advisories/24052 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2004-0941 – gd: additional overflows
https://notcve.org/view.php?id=CVE-2004-0941
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. • http://secunia.com/advisories/13179 http://secunia.com/advisories/18686 http://secunia.com/advisories/20824 http://secunia.com/advisories/21050 http://www.ciac.org/ciac/bulletins/p-071.shtml http://www.debian.org/security/2004/dsa-601 http://www.mandriva.com/security/advisories?name=MDKSA-2006:113 http://www.mandriva.com/security/advisories?name=MDKSA-2006:114 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.redhat.com/support/errata/RHSA-2004-638 •