FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-3478

This CVE name corresponds to:

Entered Topic
2007-06-29 gd -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-3478
Phase Assigned(20070628)

Description

Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

References

Source Reference
BUGTRAQ 20070907 FLEA-2007-0052-1 gd
MISC http://bugs.php.net/bug.php?id=40578
MISC http://www.libgd.org/ReleaseNote020035
CONFIRM http://bugs.libgd.org/?do=details&task_id=48
CONFIRM https://issues.rpath.com/browse/RPL-1643
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=277421
FEDORA FEDORA-2007-2055
FEDORA FEDORA-2007-692
FEDORA FEDORA-2010-19022
FEDORA FEDORA-2010-19033
GENTOO GLSA-200708-05
GENTOO GLSA-200711-34
GENTOO GLSA-200805-13
MANDRIVA MDKSA-2007:153
MANDRIVA MDKSA-2007:164
SUSE SUSE-SR:2007:015
TRUSTIX 2007-0024
SECUNIA 42813
VUPEN ADV-2007-2336
OSVDB 37740
SECUNIA 25855
SECUNIA 26272
SECUNIA 26390
SECUNIA 26415
SECUNIA 26467
SECUNIA 26663
SECUNIA 26766
SECUNIA 26856
SECUNIA 30168
VUPEN ADV-2011-0022