| Vulnerability Name: | CVE-2007-3475 (CCN-35413) | ||||||||||||||||||||||||
| Assigned: | 2007-06-21 | ||||||||||||||||||||||||
| Published: | 2007-06-21 | ||||||||||||||||||||||||
| Updated: | 2018-10-16 | ||||||||||||||||||||||||
| Summary: | The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P) 3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||
| References: | Source: CONFIRM Type: UNKNOWN ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz Source: CCN Type: libgd Bug FS#70 possible crash when no global color map has been found Source: CONFIRM Type: UNKNOWN http://bugs.libgd.org/?do=details&task_id=70 Source: MITRE Type: CNA CVE-2007-3475 Source: FEDORA Type: UNKNOWN FEDORA-2007-2055 Source: FEDORA Type: UNKNOWN FEDORA-2010-19033 Source: FEDORA Type: UNKNOWN FEDORA-2010-19022 Source: CCN Type: RHSA-2008-0146 Moderate: gd security update Source: SECUNIA Type: UNKNOWN 25860 Source: SECUNIA Type: UNKNOWN 26272 Source: SECUNIA Type: UNKNOWN 26390 Source: SECUNIA Type: UNKNOWN 26415 Source: SECUNIA Type: UNKNOWN 26467 Source: SECUNIA Type: UNKNOWN 26663 Source: SECUNIA Type: UNKNOWN 26766 Source: SECUNIA Type: UNKNOWN 26856 Source: SECUNIA Type: UNKNOWN 29157 Source: SECUNIA Type: UNKNOWN 30168 Source: SECUNIA Type: UNKNOWN 42813 Source: GENTOO Type: UNKNOWN GLSA-200708-05 Source: GENTOO Type: UNKNOWN GLSA-200711-34 Source: GENTOO Type: UNKNOWN GLSA-200805-13 Source: CCN Type: ASA-2008-099 gd security update (RHSA-2008-0146) Source: CCN Type: GLSA-200708-05 GD: Multiple vulnerabilities Source: CCN Type: GLSA-200711-34 CSTeX: Multiple vulnerabilities Source: CCN Type: GLSA-200805-13 PTeX: Multiple vulnerabilities Source: CCN Type: GD Graphics Library Web site ReleaseNote020035 Source: MISC Type: Patch http://www.libgd.org/ReleaseNote020035 Source: MANDRIVA Type: UNKNOWN MDKSA-2007:153 Source: MANDRIVA Type: UNKNOWN MDKSA-2007:164 Source: SUSE Type: UNKNOWN SUSE-SR:2007:015 Source: FEDORA Type: UNKNOWN FEDORA-2007-692 Source: REDHAT Type: UNKNOWN RHSA-2008:0146 Source: BUGTRAQ Type: UNKNOWN 20070907 FLEA-2007-0052-1 gd Source: BID Type: UNKNOWN 24651 Source: CCN Type: BID-24651 GD Graphics Library Multiple Vulnerabilities Source: TRUSTIX Type: UNKNOWN 2007-0024 Source: CCN Type: USN-854-1 GD library vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2011-0022 Source: CONFIRM Type: UNKNOWN https://bugzilla.redhat.com/show_bug.cgi?id=277421 Source: XF Type: UNKNOWN gd-colormap-dos(35413) Source: CONFIRM Type: UNKNOWN https://issues.rpath.com/browse/RPL-1643 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9728 Source: SUSE Type: SUSE-SR:2007:015 SUSE Security Summary Report | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration RedHat 7: Configuration RedHat 8: Configuration RedHat 9:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||