Red Hat Bugzilla – Bug 277201
CVE-2007-3476 libgd Denial of service by corrupted GIF images
Last modified: 2012-06-20 10:08:16 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-3476 to the following vulnerability:
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Same patch as above, but directly in libgd CVS repo:
This issue does not affect versions of gd as shipped with Red Hat Enterprise
Linux 2.1 and 3, as those versions do not offer GIF image type support.
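The bug class named in the CVE description (a colour index taken from image data and used as an array subscript without a range check), shown with the check in place. This is an added C example, not libgd's code and not the patch referenced in this bug; `struct image`, `store_index`, `fill_image` and `MAX_COLORS` are hypothetical names, and the sample input is constructed.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_COLORS 256            /* assumed palette capacity */

struct image {                    /* hypothetical, minimal palette image */
    int width, height;
    unsigned char *pixels;        /* width * height palette indexes */
    int in_use[MAX_COLORS];       /* 1 if a palette slot is referenced */
};

/* Store one decoded value. v comes from untrusted image data and is an int,
 * so a corrupted stream can yield values above MAX_COLORS - 1.
 * Returns 1 if stored unchanged, 0 if v was out of range and replaced by 0,
 * -1 if the coordinates are outside the image. */
int store_index(struct image *im, int x, int y, int v)
{
    int ok = 1;
    if (x < 0 || y < 0 || x >= im->width || y >= im->height)
        return -1;
    if (v < 0 || v >= MAX_COLORS) {   /* range check before any array use */
        v = 0;
        ok = 0;
    }
    im->in_use[v] = 1;                /* unchecked, this writes past in_use[] */
    im->pixels[(size_t)y * im->width + x] = (unsigned char)v;
    return ok;
}

/* Fill the image from decoder output; returns how many values were rejected. */
int fill_image(struct image *im, const int *decoded, size_t n)
{
    int rejected = 0;
    size_t i, cap = (size_t)im->width * im->height;
    for (i = 0; i < n && i < cap; i++)
        if (store_index(im, (int)(i % im->width), (int)(i / im->width), decoded[i]) == 0)
            rejected++;
    return rejected;
}

int main(void)
{
    /* constructed sample: two valid indexes, two oversized ones */
    const int decoded[] = { 3, 255, 256, 4095 };
    unsigned char px[4] = { 0 };
    struct image im = { 2, 2, px, { 0 } };
    printf("rejected=%d\n", fill_image(&im, decoded, 4));
    return 0;
}
```
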
This issue was addressed in:
Red Hat Enterprise Linux: