Solution
Please Install the Updated Packages.
Insight
A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption.
Tetex uses an embedded copy of the gd source and may also be affected by this issue.
The updated packages have been patched to prevent this issue.
Affected
tetex on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64
Severity
Classification
-
CVE CVE-2007-2756 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities