5

CVE-2007-3477

Exploit
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LibgdGd Graphics Library Updaterc5 Version <= 2.0.35
LibgdGd Graphics Library Version2.0.33
LibgdGd Graphics Library Version2.0.34
LibgdGd Graphics Library Version2.0.34 Updaterc1
LibgdGd Graphics Library Version2.0.34 Updaterc2
LibgdGd Graphics Library Version2.0.35 Updaterc1
LibgdGd Graphics Library Version2.0.35 Updaterc2
LibgdGd Graphics Library Version2.0.35 Updaterc3
LibgdGd Graphics Library Version2.0.35 Updaterc4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.86% 0.909
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://secunia.com/advisories/42813
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0022
Vendor Advisory
http://secunia.com/advisories/30168
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://secunia.com/advisories/26415
Vendor Advisory
http://www.trustix.org/errata/2007/0024/
http://secunia.com/advisories/31168
Vendor Advisory
http://www.debian.org/security/2008/dsa-1613
http://secunia.com/advisories/26390
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://www.libgd.org/ReleaseNote020035
Patch
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
Patch
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://secunia.com/advisories/25860
Vendor Advisory
http://secunia.com/advisories/26272
Vendor Advisory
http://secunia.com/advisories/26467
Vendor Advisory
http://secunia.com/advisories/26663
Vendor Advisory
http://secunia.com/advisories/26766
Vendor Advisory
http://secunia.com/advisories/26856
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://www.securityfocus.com/archive/1/478796/100/0/threaded
http://www.securityfocus.com/bid/24651
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://issues.rpath.com/browse/RPL-1643
http://bugs.libgd.org/?do=details&task_id=74
Exploit
http://bugs.libgd.org/?do=details&task_id=92
http://osvdb.org/42062