CVE-2007-2756
CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.libgd.org/?do=details&task_id=86http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.htmlhttp://osvdb.org/35788http://osvdb.org/36643http://rhn.redhat.com/errata/RHSA-2007-0889.htmlhttp://secunia.com/advisories/25353http://secunia.com/advisories/25362http://secunia.com/advisories/25378http://secunia.com/advisories/25535http://secunia.com/advisories/25575http://secunia.com/advisories/25590