CVE-2007-3477

Impact:
Low
Public Date:
2007-06-21
Bugzilla:
277221: CVE-2007-3477 gd: arc drawing functions can consume large amount of CPU time

The MITRE CVE dictionary describes this issue as:

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

Find out more about CVE-2007-3477 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Due to the minimal impact of this flaw (temporary DoS by high CPU usage) and low likelihood of this problem being exposed in a way that would allow trust boundary crossing, we currently do not plan to backport a fix for this issue to the versions of gd as shipped in Red Hat Enterprise Linux 2.1, 3, 4 or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 libwmf Will not fix
Red Hat Enterprise Linux 5 libwmf Will not fix
Red Hat Enterprise Linux 4 libwmf Will not fix
Last Modified

CVE description copyright © 2017, The MITRE Corporation