PT-2007-1091 · Gd+3 · Libgd+3
Published: 2007-05-18 · Updated: 2024-06-15
CVE-2007-2756
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
libgd versions 2.0.34 and earlier
libgd versions prior to 2.0.35
Description:
The issue allows attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which triggers an infinite loop in the `png_read_info` function in libpng. Multiple vulnerabilities in the gd package can be exploited remotely, potentially disrupting the availability of protected information.
Recommendations:
For libgd versions 2.0.34 and earlier, update to version 2.0.35 or later to resolve the issue.
For libgd versions prior to 2.0.35, update to version 2.0.35 or later to resolve the issue.
As a temporary workaround, consider restricting the use of the gdPngReadData function until a patch is available.
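Where untrusted PNG data must still be accepted before the update is deployed, the truncation condition described above can be screened out before the buffer reaches gd. The following is an added example, not code from libgd or from the 2.0.35 fix; `png_precheck`, its result codes and the sample bytes are hypothetical names and constructed data, and chunk CRCs are not verified.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes for this added example (hypothetical names). */
enum png_check { PNG_OK = 0, PNG_BAD_SIGNATURE, PNG_TRUNCATED, PNG_BAD_ORDER };

static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Confirm every chunk (length, type, data, CRC) lies fully inside the
 * buffer and that the stream reaches IEND. CRCs are not verified. */
enum png_check png_precheck(const unsigned char *buf, size_t len) {
    static const unsigned char sig[8] = {0x89,'P','N','G','\r','\n',0x1a,'\n'};
    size_t off = 8;
    int first = 1;
    if (len < 8 || memcmp(buf, sig, 8) != 0)
        return PNG_BAD_SIGNATURE;
    for (;;) {
        if (len - off < 12)              /* no room for length+type+CRC */
            return PNG_TRUNCATED;
        uint32_t dlen = be32(buf + off);
        const unsigned char *type = buf + off + 4;
        if (dlen > len - off - 12)       /* compare to remainder: no overflow */
            return PNG_TRUNCATED;
        if (first && (memcmp(type, "IHDR", 4) != 0 || dlen != 13))
            return PNG_BAD_ORDER;
        first = 0;
        if (memcmp(type, "IEND", 4) == 0)
            return PNG_OK;
        off += 12 + (size_t)dlen;
    }
}
/* Constructed sample: signature, IHDR (13 data bytes), IEND.
 * CRC fields are zero placeholders because CRCs are not checked here. */
static const unsigned char sample_png[45] = {
    0x89,'P','N','G','\r','\n',0x1a,'\n',
    0,0,0,13, 'I','H','D','R', 0,0,0,1, 0,0,0,1, 8,0,0,0,0, 0,0,0,0,
    0,0,0,0, 'I','E','N','D', 0,0,0,0
};

int main(void) {
    printf("complete=%d cut=%d\n", (int)png_precheck(sample_png, sizeof sample_png),
           (int)png_precheck(sample_png, sizeof sample_png - 5));
    return 0;
}
```

A caller would hand the buffer to gd only when the result is `PNG_OK`; the check screens input and does not replace the update to 2.0.35 or later.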
Affected products:
HP-UX
Red Hat
Libgd
Libpng