gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service CPU consumption via a crafted PNG image with truncated data, which causes an infinite loop in the pngreadinfo function in libpng...

[SECURITY] Fedora Core 6 Update: gd-2.0.35-1.fc6

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

[SECURITY] Fedora 7 Update: gd-2.0.35-1.fc7

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

[ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:153 http://www.mandriva.com/security/ Package : gd Date : August 3, 2007 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0 Problem Description: GD versions prior to 2.0.35 have a number of bugs which...

Race condition

Race condition in gdImageStringFTEx gdftdrawbitmap in gdft.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors, possibly involving truetype font TTF support...

CVE-2007-3475

The GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via a GIF image that has no global color map...

DEBIAN-CVE-2007-3478

Race condition in gdImageStringFTEx gdftdrawbitmap in gdft.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors, possibly involving truetype font TTF support...

CVE-2007-3474

Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library libgd before 2.0.35 have unspecified impact and user-assisted remote attack vectors...

CVE-2007-3476

Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...

CVE-2007-3477

The a imagearc and b imagefilledarc functions in GD Graphics Library libgd before 2.0.35 allow attackers to cause a denial of service CPU consumption via a large 1 start or 2 end angle degree value...

Design/Logic Flaw

Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library libgd before 2.0.35 have unspecified impact and user-assisted remote attack vectors...

CVE-2007-3478

Race condition in gdImageStringFTEx gdftdrawbitmap in gdft.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors, possibly involving truetype font TTF support...

CVE-2007-3477

The a imagearc and b imagefilledarc functions in GD Graphics Library libgd before 2.0.35 allow attackers to cause a denial of service CPU consumption via a large 1 start or 2 end angle degree value...

CVE-2007-3473

The gdImageCreateXbm function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors involving a gdImageCreate failure...

DEBIAN-CVE-2007-3473

The gdImageCreateXbm function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors involving a gdImageCreate failure...

CVE-2007-3478

Race condition in gdImageStringFTEx gdftdrawbitmap in gdft.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors, possibly involving truetype font TTF support...

DEBIAN-CVE-2007-3477

The a imagearc and b imagefilledarc functions in GD Graphics Library libgd before 2.0.35 allow attackers to cause a denial of service CPU consumption via a large 1 start or 2 end angle degree value...

Integer overflow

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact...

DEBIAN-CVE-2007-3472

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact...

CVE-2007-3476

Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...