Описание
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Отчет
Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates for libwmf in Red Hat Enterprise Linux 5 and 6. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 5 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 6 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 3 | php | Fixed | RHSA-2007:0889 | 26.09.2007 |
| Red Hat Enterprise Linux 4 | php | Fixed | RHSA-2007:0890 | 20.09.2007 |
| Red Hat Enterprise Linux 4 | gd | Fixed | RHSA-2008:0146 | 28.02.2008 |
| Red Hat Enterprise Linux 5 | php | Fixed | RHSA-2007:0890 | 20.09.2007 |
| Red Hat Enterprise Linux 5 | gd | Fixed | RHSA-2008:0146 | 28.02.2008 |
| Red Hat Web Application Stack for RHEL 4 | php | Fixed | RHSA-2007:0891 | 25.10.2007 |
Показывать по
Дополнительная информация
Статус:
Связанные уязвимости
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
The gdPngReadData function in libgd 2.0.34 allows user-assisted attack ...
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
