CVE-2007-3478
GD Graphics Library < 2.0.34 - Denial of Service via Race Condition in gdImageStringFTEx
Title source: llmDescription
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
References (30)
Core 30
Core References
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2007/0024/
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
Various Sources x_refsource_misc
http://www.libgd.org/ReleaseNote020035
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1643
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=277421
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25855
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/478796/100/0/threaded
Various Sources x_refsource_confirm
http://bugs.libgd.org/?do=details&task_id=48
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26415
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200805-13.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26467
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42813
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200708-05.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30168
Vendor Advisory vendor-advisory
x_refsource_fedora
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0022
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2336
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26663
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26856
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26272
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200711-34.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37740
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26766
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26390
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_15_sr.html
Various Sources x_refsource_misc
http://bugs.php.net/bug.php?id=40578
Mailing List vendor-advisory
x_refsource_fedora
http://fedoranews.org/updates/FEDORA-2007-205.shtml
Scores
EPSS
0.0172
EPSS Percentile
74.6%
Details
CWE
CWE-362
Status
published
Products (1)
gd_graphics_library/gdlib
< 2.0.34
Published
Jun 28, 2007
Tracked Since
Feb 18, 2026