Search for vulnerabilities
Vulnerability details: VCID-gujd-v18x-aaap
Vulnerability ID VCID-gujd-v18x-aaap
Aliases CVE-2007-3475
Summary The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2008:0146
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.11807 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.14932 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.17844 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.23249 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.23249 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.23249 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
epss 0.23249 https://api.first.org/data/v1/epss?cve=CVE-2007-3475
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=277181
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2007-3475
Reference id Reference type URL
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
http://bugs.libgd.org/?do=details&task_id=70
http://fedoranews.org/updates/FEDORA-2007-205.shtml
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3475.json
https://api.first.org/data/v1/epss?cve=CVE-2007-3475
https://bugzilla.redhat.com/show_bug.cgi?id=277421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3475
http://secunia.com/advisories/25860
http://secunia.com/advisories/26272
http://secunia.com/advisories/26390
http://secunia.com/advisories/26415
http://secunia.com/advisories/26467
http://secunia.com/advisories/26663
http://secunia.com/advisories/26766
http://secunia.com/advisories/26856
http://secunia.com/advisories/29157
http://secunia.com/advisories/30168
http://secunia.com/advisories/42813
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
https://issues.rpath.com/browse/RPL-1643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9728
http://www.libgd.org/ReleaseNote020035
http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://www.securityfocus.com/archive/1/478796/100/0/threaded
http://www.securityfocus.com/bid/24651
http://www.trustix.org/errata/2007/0024/
http://www.vupen.com/english/advisories/2011/0022
277181 https://bugzilla.redhat.com/show_bug.cgi?id=277181
cpe:2.3:a:gd_graphics_library:gdlib:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gd_graphics_library:gdlib:*:*:*:*:*:*:*:*
CVE-2007-3475 https://nvd.nist.gov/vuln/detail/CVE-2007-3475
GLSA-200708-05 https://security.gentoo.org/glsa/200708-05
RHSA-2008:0146 https://access.redhat.com/errata/RHSA-2008:0146
USN-854-1 https://usn.ubuntu.com/854-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-3475
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.93075
EPSS Score 0.11807
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.