Vulnerabilità: CVE-2007-3472

Integer overflow nella funzione gdImageCreateTrueColor nel Graphics Library GD (libgd) prima 2.0.35 consente agli aggressori remoti dall’utente assistito ad avere vettori di attacco non specificati e l’impatto.


http://www.securityfocus.com/bid/24651
http://www.securityfocus.com/archive/1/478796/100/0/threaded
http://www.libgd.org/ReleaseNote020035
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://issues.rpath.com/browse/RPL-1643
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://bugs.libgd.org/?do=details&task_id=89
http://www.secweb.se/en/advisories/gd-gdimagecreatetruecolor-integer-overflow/
http://osvdb.org/37745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11067
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://secunia.com/advisories/25855
http://secunia.com/advisories/25860
http://secunia.com/advisories/26272
http://secunia.com/advisories/26390
http://secunia.com/advisories/26415
http://secunia.com/advisories/26467
http://secunia.com/advisories/26663
http://secunia.com/advisories/26766
http://secunia.com/advisories/26856
http://secunia.com/advisories/29157
http://secunia.com/advisories/30168
http://secunia.com/advisories/42813
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.trustix.org/errata/2007/0024/
http://www.vupen.com/english/advisories/2007/2336
http://www.vupen.com/english/advisories/2011/0022
https://exchange.xforce.ibmcloud.com/vulnerabilities/35108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472


E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi