FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-3472

This CVE name corresponds to:

Entered Topic
2015-07-15 libwmf -- multiple vulnerabilities
2007-06-29 gd -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-3472 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-3472
Phase Assigned(20070628)

Description

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.

References

Source Reference
BUGTRAQ 20070907 FLEA-2007-0052-1 gd
MISC http://bugs.libgd.org/?do=details&task_id=89
MISC http://www.secweb.se/en/advisories/gd-gdimagecreatetruecolor-integer-overflow/
CONFIRM http://www.libgd.org/ReleaseNote020035
CONFIRM ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
CONFIRM https://issues.rpath.com/browse/RPL-1643
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=277421
FEDORA FEDORA-2007-2055
FEDORA FEDORA-2007-692
FEDORA FEDORA-2010-19022
FEDORA FEDORA-2010-19033
GENTOO GLSA-200708-05
GENTOO GLSA-200711-34
GENTOO GLSA-200805-13
MANDRIVA MDKSA-2007:153
MANDRIVA MDKSA-2007:164
REDHAT RHSA-2008:0146
SUSE SUSE-SR:2007:015
TRUSTIX 2007-0024
BID 24651
OSVDB 37745
OVAL oval:org.mitre.oval:def:11067
SECUNIA 42813
VUPEN ADV-2007-2336
SECUNIA 25855
SECUNIA 25860
SECUNIA 26272
SECUNIA 26390
SECUNIA 26415
SECUNIA 26467
SECUNIA 26663
SECUNIA 26766
SECUNIA 26856
SECUNIA 29157
SECUNIA 30168
VUPEN ADV-2011-0022
XF gd-imagecreatetruecolor-code-execution(35108)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.