PT-2007-7505 · Gd Graphics Library+1 · Libgd2-Noxpm+4

Lubomir Kundrak · Published 1970-01-01 · Updated 2018-10-16 · CVE-2007-3477

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions
libgd2-xpm-dev (affected versions not specified)
libgd2-noxpm (affected versions not specified)
libgd2-noxpm-dev (affected versions not specified)
libgd2-xpm (affected versions not specified)
gd versions prior to 2.0.35

Description
The issue concerns multiple vulnerabilities in the libgd2 packages and the GD Graphics Library, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service due to CPU consumption. Specifically, the imagearc and imagefilledarc functions in the GD Graphics Library are affected by this issue, allowing attackers to cause a denial of service via large start or end angle degree values.

Recommendations
For libgd2-xpm-dev, consider disabling the vulnerable functions until a patch is available.
For libgd2-noxpm, restrict access to the vulnerable modules to minimize the risk of exploitation.
For libgd2-noxpm-dev, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved.
For libgd2-xpm, consider applying configuration changes to mitigate the risk of exploitation.
For gd versions prior to 2.0.35, update to version 2.0.35 or later to resolve the issue.

Exploit

Fix

DoS

Weakness Enumeration

Related identifiers

BDU:2015-03087
BDU:2015-03088
BDU:2015-03089
BDU:2015-03090
BDU:2015-09579
CVE-2007-3477
DSA-1613-1
ECHO-966C-4616-ACC0

Affected products

Debian
Gd Graphics Library
Libgd2-Noxpm
Libgd2-Noxpm-Dev
Libgd2-Xpm