Solution
Please Install the Updated Packages.
Insight
Buffer overflow in the LWZReadByte() function in gd_gif_in.c in GD prior to 2.0.34 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
This was originally fixed in PHP's embedded GD with MDKSA-2006:162
patches had not been applied to the system libgd at that time.
The updated packages have been patched to correct this issue.
Affected
gd on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64
Severity
Classification
-
CVE CVE-2006-4484 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P
Related Vulnerabilities