CVE-2007-0455
6.9 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
References
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607
fedoranews.org/cms/node/2631
lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
lists.rpath.com/pipermail/security-announce/2007-February/000145.html
rhn.redhat.com/errata/RHSA-2007-0155.html
secunia.com/advisories/23916
secunia.com/advisories/24022
secunia.com/advisories/24052
secunia.com/advisories/24053
secunia.com/advisories/24107
secunia.com/advisories/24143
secunia.com/advisories/24151
secunia.com/advisories/24924
secunia.com/advisories/24945
secunia.com/advisories/24965
secunia.com/advisories/25575
secunia.com/advisories/29157
secunia.com/advisories/42813
www.mandriva.com/security/advisories?name=MDKSA-2007:035
www.mandriva.com/security/advisories?name=MDKSA-2007:036
www.mandriva.com/security/advisories?name=MDKSA-2007:038
www.mandriva.com/security/advisories?name=MDKSA-2007:109
www.redhat.com/support/errata/RHSA-2007-0153.html
www.redhat.com/support/errata/RHSA-2007-0162.html
www.redhat.com/support/errata/RHSA-2008-0146.html
www.securityfocus.com/archive/1/466166/100/0/threaded
www.securityfocus.com/bid/22289
www.trustix.org/errata/2007/0007
www.ubuntu.com/usn/usn-473-1
www.vupen.com/english/advisories/2007/0400
www.vupen.com/english/advisories/2011/0022
issues.rpath.com/browse/RPL-1030
issues.rpath.com/browse/RPL-1268
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303
Social References
More
Related
6.9 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%