FreeBSD : gd -- multiple vulnerabilities (6e099997-25d8-11dc-878b-000c29c5647f)

medium Nessus Plugin ID 25633
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 4.4

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

gd had been reported vulnerable to several vulnerabilities :

- CVE-2007-3472: Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers has unspecified attack vectors and impact.

- CVE-2007-3473: The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.

- CVE-2007-3474: Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 allow user-assisted remote attackers to have unspecified attack vectors and impact.

- CVE-2007-3475: The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.

- CVE-2007-3476: Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

- CVE-2007-3477: The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allows attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

- CVE-2007-3478: Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?9fa888e5

http://www.frsirt.com

http://bugs.libgd.org/?do=details&task_id=89

http://bugs.libgd.org/?do=details&task_id=94

http://bugs.libgd.org/?do=details&task_id=70

http://bugs.libgd.org/?do=details&task_id=87

http://bugs.libgd.org/?do=details&task_id=92

http://bugs.libgd.org/?do=details&task_id=74

http://bugs.libgd.org/?do=details&task_id=48

https://bugs.php.net/bug.php?id=40578

http://www.nessus.org/u?1fa6faa1

Plugin Details

Severity: Medium

ID: 25633

File Name: freebsd_pkg_6e09999725d811dc878b000c29c5647f.nasl

Version: 1.19

Type: local

Published: 7/1/2007

Updated: 1/6/2021

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 4.4

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/29/2007

Vulnerability Publication Date: 6/21/2007

Reference Information

CVE: CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478

CWE: 189, 362, 399