
Test ID: 1.3.6.1.4.1.25623.1.0.59794
Category: Fedora Local Security Checks
Title: Fedora Core 7 FEDORA-2007-2055 (gd)
Summary: NOSUMMARY
Description:

The remote host is missing an update to gd
announced via advisory FEDORA-2007-2055.

The gd graphics library allows your code to quickly draw images
complete with lines, arcs, text, multiple colors, cut and paste from
other images, and flood fills, and to write out the result as a PNG or
JPEG file. This is particularly useful in Web applications, where PNG
and JPEG are two of the formats accepted for inline images by most
browsers. Note that gd is not a paint program.

ChangeLog:

* Wed Sep 5 2007 Ivana varekova 2.0.35-1
- update to 2.0.35
- fix several vulnerabilities #277421
References:

[ 1 ] Bug #277411
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=277411
[ 2 ] CVE-2007-3472
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
[ 3 ] CVE-2007-3473
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473
[ 4 ] CVE-2007-3474
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3474
[ 5 ] CVE-2007-3475
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3475
[ 6 ] CVE-2007-3476
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3476
[ 7 ] CVE-2007-3477
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477
[ 8 ] CVE-2007-3478
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3478
Updated packages:


This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.

Solution: Apply the appropriate updates.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2055

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3472
BugTraq ID: 24651
http://www.securityfocus.com/bid/24651
Bugtraq: 20070907 FLEA-2007-0052-1 gd
http://www.securityfocus.com/archive/1/478796/100/0/threaded
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://bugs.libgd.org/?do=details&task_id=89
http://www.secweb.se/en/advisories/gd-gdimagecreatetruecolor-integer-overflow/
http://osvdb.org/37745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11067
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://secunia.com/advisories/25855
http://secunia.com/advisories/25860
http://secunia.com/advisories/26272
http://secunia.com/advisories/26390
http://secunia.com/advisories/26415
http://secunia.com/advisories/26467
http://secunia.com/advisories/26663
http://secunia.com/advisories/26766
http://secunia.com/advisories/26856
http://secunia.com/advisories/29157
http://secunia.com/advisories/30168
http://secunia.com/advisories/42813
SuSE Security Announcement: SUSE-SR:2007:015
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.trustix.org/errata/2007/0024/
http://www.vupen.com/english/advisories/2007/2336
http://www.vupen.com/english/advisories/2011/0022
XForce ISS Database: gd-imagecreatetruecolor-code-execution(35108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35108
Common Vulnerability Exposure (CVE) ID: CVE-2007-3473
http://bugs.libgd.org/?do=details&task_id=94
http://osvdb.org/37744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11806
XForce ISS Database: gd-imagecreatexbm-dos(35109)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35109
Common Vulnerability Exposure (CVE) ID: CVE-2007-3474
http://osvdb.org/37743
XForce ISS Database: gd-gifreader-unspecified(35110)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35110
Common Vulnerability Exposure (CVE) ID: CVE-2007-3475
http://www.libgd.org/ReleaseNote020035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9728
Common Vulnerability Exposure (CVE) ID: CVE-2007-3476
Debian Security Information: DSA-1613
http://www.debian.org/security/2008/dsa-1613
http://osvdb.org/37741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10348
http://secunia.com/advisories/31168
Common Vulnerability Exposure (CVE) ID: CVE-2007-3477
http://osvdb.org/42062
Common Vulnerability Exposure (CVE) ID: CVE-2007-3478
http://bugs.php.net/bug.php?id=40578
http://osvdb.org/37740
Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
