CVE-2007-3473

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3473. PoCs published by anonymous.

AI-analyzed exploit summary This exploit targets a vulnerability in the GD graphics library (CVE-2007-3473) by creating a malformed XBM file with an excessively large height value. The exploit triggers a denial-of-service or potential arbitrary code execution when processed by the vulnerable library.

Description

The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · cdoslinux

https://www.exploit-db.com/exploits/30251

View Code ZIP pw:eip

This exploit targets a vulnerability in the GD graphics library (CVE-2007-3473) by creating a malformed XBM file with an excessively large height value. The exploit triggers a denial-of-service or potential arbitrary code execution when processed by the vulnerable library.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: GD graphics library versions prior to 2.0.35

No auth needed

Prerequisites: Vulnerable version of GD graphics library · Ability to provide a malformed XBM file to the target application

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (35)

Core 35

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/35109

Vendor Advisory vendor-advisory x_refsource_trustix

http://www.trustix.org/errata/2007/0024/

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:164

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29157

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/37744

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11806

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26415

Issue Tracking x_refsource_confirm

https://issues.rpath.com/browse/RPL-1643

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=277421

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25855

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200805-13.xml

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/478796/100/0/threaded

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26467

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42813

Various Sources x_refsource_confirm

http://www.libgd.org/ReleaseNote020035

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200708-05.xml

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30168

Vendor Advisory vendor-advisory x_refsource_fedora

http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0022

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25860

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/2336

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26663

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26856

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26272

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200711-34.xml

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0146.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html

Various Sources x_refsource_misc

http://bugs.libgd.org/?do=details&task_id=94

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24651

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:153

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26766

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26390

Vendor Advisory x_refsource_confirm

ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz

Mailing List vendor-advisory x_refsource_fedora

http://fedoranews.org/updates/FEDORA-2007-205.shtml

libgd < 2.0.35_rc5 - Denial of Service via gdImageCreateXbm Function

Exploitation Summary

Description

Exploits (1)

References (35)

Scores

Details