CVE-2007-3478

Impact:
Low
Public Date:
2007-06-21
Bugzilla:
277231: CVE-2007-3478 libgd Certain TTF handling routines are not reentrant

The MITRE CVE dictionary describes this issue as:

Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

Find out more about CVE-2007-3478 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

We currently do not plan to backport a fix for this issue to gd packages in current versions of Red Hat Enterprise Linux 2.1, 3, 4, and 5 due to the low likelihood of and application affected by this problem being exposed in a way that would allow trust boundary to be crossed.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.