4.3

CVE-2007-3472

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LibgdGd Graphics Library Updaterc5 Version <= 2.0.35
LibgdGd Graphics Library Version2.0.33
LibgdGd Graphics Library Version2.0.34
LibgdGd Graphics Library Version2.0.34 Updaterc1
LibgdGd Graphics Library Version2.0.34 Updaterc2
LibgdGd Graphics Library Version2.0.35 Updaterc1
LibgdGd Graphics Library Version2.0.35 Updaterc2
LibgdGd Graphics Library Version2.0.35 Updaterc3
LibgdGd Graphics Library Version2.0.35 Updaterc4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.32% 0.936
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29157
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0146.html
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://secunia.com/advisories/42813
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0022
Vendor Advisory
http://secunia.com/advisories/30168
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://secunia.com/advisories/26415
Vendor Advisory
http://www.trustix.org/errata/2007/0024/
http://secunia.com/advisories/25855
Vendor Advisory
http://secunia.com/advisories/26390
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://www.libgd.org/ReleaseNote020035
http://www.vupen.com/english/advisories/2007/2336
Vendor Advisory
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
http://bugs.libgd.org/?do=details&task_id=89
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://osvdb.org/37745
http://secunia.com/advisories/25860
Vendor Advisory
http://secunia.com/advisories/26272
Vendor Advisory
http://secunia.com/advisories/26467
Vendor Advisory
http://secunia.com/advisories/26663
Vendor Advisory
http://secunia.com/advisories/26766
Vendor Advisory
http://secunia.com/advisories/26856
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://www.securityfocus.com/archive/1/478796/100/0/threaded
http://www.securityfocus.com/bid/24651
http://www.secweb.se/en/advisories/gd-gdimagecreatetruecolor-integer-overflow/
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://exchange.xforce.ibmcloud.com/vulnerabilities/35108
https://issues.rpath.com/browse/RPL-1643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11067