CVE-2007-3477

Impact:
Low
Public Date:
2007-06-21
Bugzilla:
277221: CVE-2007-3477 libgd arc drawing functions can consume large amount of CPU time

The MITRE CVE dictionary describes this issue as:

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

Find out more about CVE-2007-3477 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Due to the minimal impact of this flaw (temporary DoS by high CPU usage) and low likelihood of this problem being exposed in a way that would allow trust boundary crossing, we currently do not plan to backport a fix for this issue to the versions of gd as shipped in Red Hat Enterprise Linux 2.1, 3, 4 or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 libwmf Fix deferred
Red Hat Enterprise Linux 5 libwmf Fix deferred
Red Hat Enterprise Linux 4 libwmf Will not fix

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.