cbcvebase.
CVE-2007-3472
published 2007-06-28

CVE-2007-3472: Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified…

PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
7.32%
93.6th percentile
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianlibgd2< libgd2 2.0.35.dfsg-1 (bookworm)libgd2 2.0.35.dfsg-1 (bookworm)
libgdgd_graphics_library<= 2.0.35
libgdgd_graphics_library
libgdgd_graphics_library
libgdgd_graphics_library

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.