Vulnerability identifier: #VU7575
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
Vendor: Boutell.Com, Inc.
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing images in gdImageCreateFromGd2Ctx() function in gd_gd2.c. A remote attacker can supply a malformed image and crash the application, using the affected library.
Update to version 2.2.4.
Vulnerable software versions
GD Graphics Library: 2.1.0 - 2.2.3
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?