Lucene search

[email protected]CVE-2007-3473

HistoryJun 28, 2007 - 6:30 p.m.

CVE-2007-3473

2007-06-2818:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2007-3473

gdimagecreatexbm

gd graphics library

libgd

denial of service

crash

remote attackers

nvd

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.205 Low

EPSS

Percentile

96.3%

JSON

The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.

CPENameOperatorVersion
libgd:gd_graphics_librarylibgd gd graphics libraryle2.0.35_rc5

CPE	Name	Operator	Version
libgd:gd_graphics_library	libgd gd graphics library	le	2.0.35_rc5

References

ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz

bugs.libgd.org/?do=details&task_id=94

fedoranews.org/updates/FEDORA-2007-205.shtml

lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html

osvdb.org/37744

secunia.com/advisories/25855

secunia.com/advisories/25860

secunia.com/advisories/26272

secunia.com/advisories/26390

secunia.com/advisories/26415

secunia.com/advisories/26467

secunia.com/advisories/26663

secunia.com/advisories/26766

secunia.com/advisories/26856

secunia.com/advisories/29157

secunia.com/advisories/30168

secunia.com/advisories/42813

security.gentoo.org/glsa/glsa-200708-05.xml

security.gentoo.org/glsa/glsa-200711-34.xml

security.gentoo.org/glsa/glsa-200805-13.xml

www.libgd.org/ReleaseNote020035

www.mandriva.com/security/advisories?name=MDKSA-2007:153

www.mandriva.com/security/advisories?name=MDKSA-2007:164

www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html

www.redhat.com/support/errata/RHSA-2008-0146.html

www.securityfocus.com/archive/1/478796/100/0/threaded

www.securityfocus.com/bid/24651

www.trustix.org/errata/2007/0024/

www.vupen.com/english/advisories/2007/2336

www.vupen.com/english/advisories/2011/0022

bugzilla.redhat.com/show_bug.cgi?id=277421

exchange.xforce.ibmcloud.com/vulnerabilities/35109

issues.rpath.com/browse/RPL-1643

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11806

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.205 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2007-3473

prion1 debiancve1 ubuntucve1 securityvulns3 nessus15 openvas25 oraclelinux1 fedora1 centos1 redhat1 freebsd2 gentoo1 amazon1 archlinux1 slackware1 kitploit1