CVE-2007-3478
NONE EPSS 74.7%
Published Jun 28, 200719y ago · Modified Jun 16, 20262w ago
Published Jun 28, 2007 19y ago
Last Modified Jun 16, 2026 2w ago
Description
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
Threat Intelligence
EPSS Exploit Probability
74.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-362
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| gd_graphics_library | gdlib | * | ≤2.0.34 |
References 30
- bugs.libgd.org http://bugs.libgd.org/?do=details&task_id=48
- bugs.php.net http://bugs.php.net/bug.php?id=40578
- fedoranews.org http://fedoranews.org/updates/FEDORA-2007-205.shtml
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
- osvdb.org http://osvdb.org/37740
- secunia.com http://secunia.com/advisories/25855
- secunia.com http://secunia.com/advisories/26272
- secunia.com http://secunia.com/advisories/26390
- secunia.com http://secunia.com/advisories/26415
- secunia.com http://secunia.com/advisories/26467
- secunia.com http://secunia.com/advisories/26663
- secunia.com http://secunia.com/advisories/26766
- secunia.com http://secunia.com/advisories/26856
- secunia.com http://secunia.com/advisories/30168
- secunia.com http://secunia.com/advisories/42813
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200708-05.xml
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200711-34.xml
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200805-13.xml
- libgd.org http://www.libgd.org/ReleaseNote020035
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
- novell.com http://www.novell.com/linux/security/advisories/2007_15_sr.html
- redhat.com http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
- securityfocus.com http://www.securityfocus.com/archive/1/478796/100/0/threaded
- trustix.org http://www.trustix.org/errata/2007/0024/
- vupen.com http://www.vupen.com/english/advisories/2007/2336
- vupen.com http://www.vupen.com/english/advisories/2011/0022
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=277421
- issues.rpath.com https://issues.rpath.com/browse/RPL-1643
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.