CVE-2007-3472
libgd Integer overflow in TrueColor code
Public Exploits: 0
Exploited in Wild: -
Descriptions
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
An integer overflow in the gdImageCreateTrueColor function in the GD Graphics Library (libgd) before version 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a truncated PNG file. An integer overflow has been discovered in the gdImageCreateTrueColor() function. An error has been discovered in the gdImageCreateXbm() function. Unspecified vulnerabilities have been discovered in the GIF reader. An error has been discovered when processing a GIF image that has no global color map. An array index error has been discovered in the file gd_gif_in.c when processing images with an invalid color index. An error has been discovered in the imagearc() and imagefilledarc() functions when processing overly large angle values. A race condition has been discovered in the gdImageStringFTEx() function. Versions less than 2.0.35 are affected.
SSVC
- Decision: -
Timeline
- 2007-06-28 CVE Reserved
- 2007-06-28 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
- CWE-190: Integer Overflow or Wraparound
References (39)
URL | Tag | Source |
---|---|---|
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz | X_refsource_confirm | |
http://bugs.libgd.org/?do=details&task_id=89 | X_refsource_misc | |
http://osvdb.org/37745 | Vdb Entry | |
http://www.libgd.org/ReleaseNote020035 | X_refsource_confirm | |
http://www.securityfocus.com/archive/1/478796/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/24651 | Vdb Entry | |
http://www.secweb.se/en/advisories/gd-gdimagecreatetruecolor-integer-overflow | X_refsource_misc | |
https://bugzilla.redhat.com/show_bug.cgi?id=277421 | X_refsource_confirm | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35108 | Vdb Entry | |
https://issues.rpath.com/browse/RPL-1643 | X_refsource_confirm | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11067 | Signature | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Libgd | Gd Graphics Library | <= 2.0.35 | rc5 | Affected |
Libgd | Gd Graphics Library | 2.0.33 | - | Affected |
Libgd | Gd Graphics Library | 2.0.34 | - | Affected |
Libgd | Gd Graphics Library | 2.0.34 | rc1 | Affected |
Libgd | Gd Graphics Library | 2.0.34 | rc2 | Affected |
Libgd | Gd Graphics Library | 2.0.35 | rc1 | Affected |
Libgd | Gd Graphics Library | 2.0.35 | rc2 | Affected |
Libgd | Gd Graphics Library | 2.0.35 | rc3 | Affected |
Libgd | Gd Graphics Library | 2.0.35 | rc4 | Affected |