CVE-2007-3476

Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

🔗 References (70)

• cve@mitreftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
• cve@mitrehttp://bugs.libgd.org/?do=details&task_id=87
• cve@mitrehttp://fedoranews.org/updates/FEDORA-2007-205.shtml
• cve@mitrehttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
• cve@mitrehttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
• cve@mitrehttp://osvdb.org/37741
• cve@mitrehttp://secunia.com/advisories/25860
• cve@mitrehttp://secunia.com/advisories/26272
• cve@mitrehttp://secunia.com/advisories/26390
• cve@mitrehttp://secunia.com/advisories/26415
• cve@mitrehttp://secunia.com/advisories/26467
• cve@mitrehttp://secunia.com/advisories/26663
• cve@mitrehttp://secunia.com/advisories/26766
• cve@mitrehttp://secunia.com/advisories/26856
• cve@mitrehttp://secunia.com/advisories/29157