JVN/CVE Demo: Cveinfos

CVE

Id: 26113
CVE No.: CVE-2007-2756
Status: Candidate
Description: The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Phase: Assigned (20070518)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
262779	26113	CVE-2007-2756	CONFIRM:http://bugs.libgd.org/?do=details&task_id=86	View
262780	26113	CVE-2007-2756	CONFIRM:http://www.php.net/releases/5_2_3.php	View
262781	26113	CVE-2007-2756	CONFIRM:https://issues.rpath.com/browse/RPL-1394	View
262782	26113	CVE-2007-2756	CONFIRM:http://www.libgd.org/ReleaseNote020035	View
262783	26113	CVE-2007-2756	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm	View
262784	26113	CVE-2007-2756	FEDORA:FEDORA-2007-709	View
262785	26113	CVE-2007-2756	URL:https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html	View
262786	26113	CVE-2007-2756	FEDORA:FEDORA-2007-2215	View
262787	26113	CVE-2007-2756	URL:https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html	View
262788	26113	CVE-2007-2756	GENTOO:GLSA-200708-05	View
262789	26113	CVE-2007-2756	URL:http://security.gentoo.org/glsa/glsa-200708-05.xml	View
262790	26113	CVE-2007-2756	GENTOO:GLSA-200710-02	View
262791	26113	CVE-2007-2756	URL:http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	View
262792	26113	CVE-2007-2756	GENTOO:GLSA-200711-34	View
262793	26113	CVE-2007-2756	URL:http://security.gentoo.org/glsa/glsa-200711-34.xml	View
262794	26113	CVE-2007-2756	GENTOO:GLSA-200805-13	View
262795	26113	CVE-2007-2756	URL:http://security.gentoo.org/glsa/glsa-200805-13.xml	View
262796	26113	CVE-2007-2756	HP:HPSBUX02262	View
262797	26113	CVE-2007-2756	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	View
262798	26113	CVE-2007-2756	HP:SSRT071447	View
262799	26113	CVE-2007-2756	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	View
262800	26113	CVE-2007-2756	MANDRIVA:MDKSA-2007:123	View
262801	26113	CVE-2007-2756	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:123	View
262802	26113	CVE-2007-2756	MANDRIVA:MDKSA-2007:124	View
262803	26113	CVE-2007-2756	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:124	View
262804	26113	CVE-2007-2756	MANDRIVA:MDKSA-2007:122	View
262805	26113	CVE-2007-2756	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:122	View
262806	26113	CVE-2007-2756	MANDRIVA:MDKSA-2007:187	View
262807	26113	CVE-2007-2756	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:187	View
262808	26113	CVE-2007-2756	OPENPKG:OpenPKG-SA-2007.020	View
262809	26113	CVE-2007-2756	URL:http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html	View
262810	26113	CVE-2007-2756	REDHAT:RHSA-2007:0890	View
262811	26113	CVE-2007-2756	URL:http://www.redhat.com/support/errata/RHSA-2007-0890.html	View
262812	26113	CVE-2007-2756	REDHAT:RHSA-2007:0889	View
262813	26113	CVE-2007-2756	URL:http://rhn.redhat.com/errata/RHSA-2007-0889.html	View
262814	26113	CVE-2007-2756	REDHAT:RHSA-2007:0891	View
262815	26113	CVE-2007-2756	URL:http://www.redhat.com/support/errata/RHSA-2007-0891.html	View
262816	26113	CVE-2007-2756	REDHAT:RHSA-2008:0146	View
262817	26113	CVE-2007-2756	URL:http://www.redhat.com/support/errata/RHSA-2008-0146.html	View
262818	26113	CVE-2007-2756	SLACKWARE:SSA:2007-152-01	View
262819	26113	CVE-2007-2756	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863	View
262820	26113	CVE-2007-2756	SUSE:SUSE-SR:2007:013	View
262821	26113	CVE-2007-2756	URL:http://www.novell.com/linux/security/advisories/2007_13_sr.html	View
262822	26113	CVE-2007-2756	SUSE:SUSE-SA:2007:044	View
262823	26113	CVE-2007-2756	URL:http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html	View
262824	26113	CVE-2007-2756	TRUSTIX:2007-0019	View
262825	26113	CVE-2007-2756	URL:http://www.trustix.org/errata/2007/0019/	View
262826	26113	CVE-2007-2756	TRUSTIX:2007-0023	View
262827	26113	CVE-2007-2756	URL:http://www.trustix.org/errata/2007/0023/	View
262828	26113	CVE-2007-2756	UBUNTU:USN-473-1	View
262829	26113	CVE-2007-2756	URL:http://www.ubuntu.com/usn/usn-473-1	View
262830	26113	CVE-2007-2756	BID:24089	View
262831	26113	CVE-2007-2756	URL:http://www.securityfocus.com/bid/24089	View
262832	26113	CVE-2007-2756	OSVDB:36643	View
262833	26113	CVE-2007-2756	URL:http://osvdb.org/36643	View
262834	26113	CVE-2007-2756	OSVDB:35788	View
262835	26113	CVE-2007-2756	URL:http://osvdb.org/35788	View
262836	26113	CVE-2007-2756	OVAL:oval:org.mitre.oval:def:10779	View
262837	26113	CVE-2007-2756	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10779	View
262838	26113	CVE-2007-2756	VUPEN:ADV-2007-1905	View
262839	26113	CVE-2007-2756	URL:http://www.vupen.com/english/advisories/2007/1905	View
262840	26113	CVE-2007-2756	VUPEN:ADV-2007-1904	View
262841	26113	CVE-2007-2756	URL:http://www.vupen.com/english/advisories/2007/1904	View
262842	26113	CVE-2007-2756	VUPEN:ADV-2007-2016	View
262843	26113	CVE-2007-2756	URL:http://www.vupen.com/english/advisories/2007/2016	View
262844	26113	CVE-2007-2756	VUPEN:ADV-2007-2336	View
262845	26113	CVE-2007-2756	URL:http://www.vupen.com/english/advisories/2007/2336	View
262846	26113	CVE-2007-2756	VUPEN:ADV-2007-3386	View
262847	26113	CVE-2007-2756	URL:http://www.vupen.com/english/advisories/2007/3386	View
262848	26113	CVE-2007-2756	SECTRACK:1018187	View
262849	26113	CVE-2007-2756	URL:http://www.securitytracker.com/id?1018187	View
262850	26113	CVE-2007-2756	SECUNIA:25378	View
262851	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25378	View
262852	26113	CVE-2007-2756	SECUNIA:25362	View
262853	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25362	View
262854	26113	CVE-2007-2756	SECUNIA:25353	View
262855	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25353	View
262856	26113	CVE-2007-2756	SECUNIA:25535	View
262857	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25535	View
262858	26113	CVE-2007-2756	SECUNIA:25590	View
262859	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25590	View
262860	26113	CVE-2007-2756	SECUNIA:25575	View
262861	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25575	View
262862	26113	CVE-2007-2756	SECUNIA:25646	View
262863	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25646	View
262864	26113	CVE-2007-2756	SECUNIA:25658	View
262865	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25658	View
262866	26113	CVE-2007-2756	SECUNIA:25657	View
262867	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25657	View
262868	26113	CVE-2007-2756	SECUNIA:25855	View
262869	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25855	View
262870	26113	CVE-2007-2756	SECUNIA:26048	View
262871	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26048	View
262872	26113	CVE-2007-2756	SECUNIA:26231	View
262873	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26231	View
262874	26113	CVE-2007-2756	SECUNIA:26390	View
262875	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26390	View
262876	26113	CVE-2007-2756	SECUNIA:26930	View
262877	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26930	View
262878	26113	CVE-2007-2756	SECUNIA:26871	View
262879	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26871	View
262880	26113	CVE-2007-2756	SECUNIA:26895	View
262881	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26895	View
262882	26113	CVE-2007-2756	SECUNIA:26967	View
262883	26113	CVE-2007-2756	URL:http://secunia.com/advisories/26967	View
262884	26113	CVE-2007-2756	SECUNIA:27037	View
262885	26113	CVE-2007-2756	URL:http://secunia.com/advisories/27037	View
262886	26113	CVE-2007-2756	SECUNIA:27110	View
262887	26113	CVE-2007-2756	URL:http://secunia.com/advisories/27110	View
262888	26113	CVE-2007-2756	SECUNIA:25787	View
262889	26113	CVE-2007-2756	URL:http://secunia.com/advisories/25787	View
262890	26113	CVE-2007-2756	SECUNIA:27545	View
262891	26113	CVE-2007-2756	URL:http://secunia.com/advisories/27545	View
262892	26113	CVE-2007-2756	SECUNIA:27102	View
262893	26113	CVE-2007-2756	URL:http://secunia.com/advisories/27102	View
262894	26113	CVE-2007-2756	SECUNIA:29157	View
262895	26113	CVE-2007-2756	URL:http://secunia.com/advisories/29157	View
262896	26113	CVE-2007-2756	SECUNIA:30168	View
262897	26113	CVE-2007-2756	URL:http://secunia.com/advisories/30168	View
262898	26113	CVE-2007-2756	XF:gd-gdpngreaddata-dos(34420)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
56900	JVNDB-2007-005592	WinImage におけるバッファオーバーフローの脆弱性	WinImage には、バッファオーバーフローの脆弱性が存在します。	CVE-2007-2758	26113	9.3		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005592.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.45 MB
View render complete	3.05 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.00
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	427.79
Event: Controller.beforeRender	5.53
» Processing toolbar data	5.43
Rendering View	61.72
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	60.32
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.84
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.16
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/26113
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/26113
Remote Port	1118
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.9
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.185.124
Http Via	1.1 squid-proxy-5b5d847c96-kfhtb (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.9
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.9
Unique Id	aSX4kLYoyqZ4yZYmaHXiLQAAAYk
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.9
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.9
Redirect Unique Id	aSX4kLYoyqZ4yZYmaHXiLQAAAYk
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.9
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.9
Redirect Redirect Unique Id	aSX4kLYoyqZ4yZYmaHXiLQAAAYk
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1764096144.2018
Request Time	1764096144

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files