Common Vulnerabilities and Exposures assigned an identifier CVE-2007-3477 to the following vulnerability:

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

References:
http://www.libgd.org/ReleaseNote020035
http://bugs.libgd.org/?do=details&task_id=74
http://bugs.libgd.org/?do=details&task_id=92
Original fix:
http://cvs.php.net/viewcvs.cgi/gd/libgd/src/gd.c?r1=1.53&r2=1.54

and additional enhancement to fix regression introduced by the original fix:
http://cvs.php.net/viewcvs.cgi/gd/libgd/src/gd.c?r1=1.58&r2=1.59
Due to the minimal impact of this flaw (temporary DoS by high CPU usage) and the low likelihood of this problem being exposed in a way that would allow trust boundary crossing, we currently do not plan to backport a fix for this issue to versions of gd shipped in current versions of Red Hat Enterprise Linux.
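Where an application runs on a libgd build without the fix, one caller-side mitigation is to bound untrusted angle values before they reach imagearc or imagefilledarc. The following C helper is an added example, not code from libgd or Red Hat; the names `normalize_arc` and `arc_sweep`, and the choice to treat angles that are equal modulo 360 as a full circle, are assumptions of this example.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical helper (not part of libgd): reduce caller-supplied arc angles
 * to a start in [0, 360) and an end in (start, start + 360], so the drawing
 * call is never asked to sweep more than one full turn. */
typedef struct { int start; int end; } arc_angles;

static int mod360(int a)
{
    int r = a % 360;            /* C99: remainder takes the dividend's sign */
    return r < 0 ? r + 360 : r;
}

arc_angles normalize_arc(int start, int end)
{
    arc_angles out;
    out.start = mod360(start);
    out.end = mod360(end);
    /* Keep end strictly after start. Angles equal modulo 360 become a full
     * circle (assumption of this example). */
    if (out.end <= out.start)
        out.end += 360;
    return out;
}

/* Degrees covered by the normalized arc; always in the range 1..360. */
int arc_sweep(arc_angles a)
{
    return a.end - a.start;
}

int main(void)
{
    /* Constructed sample inputs, including extreme values. */
    int samples[][2] = { {0, 360}, {-90, 90}, {0, INT_MAX},
                         {INT_MIN, 45}, {725, 10} };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        arc_angles a = normalize_arc(samples[i][0], samples[i][1]);
        printf("start=%d end=%d -> start=%d end=%d sweep=%d\n",
               samples[i][0], samples[i][1], a.start, a.end, arc_sweep(a));
    }
    return 0;
}
```

Pass the normalized `start` and `end` to the drawing call in place of the raw request values.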