CVE-2007-3475

The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.

Publication date: Thu, 28 Jun 2007 23:30:00 +0000

Cyber News related to CVE-2007-3475

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-3475 - The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. ...
6 years ago

CVE-2009-3475 - Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote ...
15 years ago

CVE-2006-3475 - Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) ...
6 years ago

CVE-2014-8578 - Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email ...
3 years ago

CVE-2014-3475 - Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user ...
1 year ago

CVE-2020-3475 - Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang ...
1 year ago

CVE-2012-3475 - The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors. ...
12 years ago

CVE-2005-3475 - Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests. ...
7 years ago

CVE-2016-3475 - Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console. ...
7 years ago

CVE-2010-3475 - IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE ...
7 years ago

CVE-2013-3475 - Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors. Per: ...
6 years ago

CVE-2008-3475 - Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a ...
8 months ago

CVE-2017-11156 - Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified ...
5 years ago

CVE-2017-3475 - Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" ...
5 years ago

CVE-2017-11149 - Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary local files via crafted URI. ...
5 years ago

CVE-2019-3475 - A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update ...
3 years ago

CVE-2021-3475 - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability. ...
1 year ago

CVE-2023-3475 - A vulnerability was found in SimplePHPscripts Event Script 2.1 and classified as problematic. Affected by this issue is some unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site ...
1 year ago

CVE-2011-3475 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago

CVE-2024-3475 - The Sticky Buttons WordPress plugin before 3.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks ...
6 months ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago

Latest Cyber News

CVE-2024-51672 - 21 hours ago
CVE-2024-50531 - 21 hours ago
CVE-2024-51246 - 21 hours ago
CVE-2024-51249 - 21 hours ago
CVE-2024-51251 - 21 hours ago
CVE-2024-51253 - 21 hours ago
CVE-2024-51408 - 21 hours ago
CVE-2024-51582 - 21 hours ago
CVE-2024-51665 - 21 hours ago
CVE-2024-50526 - 21 hours ago
CVE-2024-50527 - 21 hours ago
CVE-2024-50528 - 21 hours ago
CVE-2024-50529 - 21 hours ago
CVE-2024-50530 - 21 hours ago
CVE-2024-45164 - 21 hours ago
CVE-2024-50523 - 21 hours ago
CVE-2024-50525 - 21 hours ago
CVE-2024-9147 - 22 hours ago
CVE-2024-51557 - 22 hours ago
CVE-2024-51558 - 22 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 10 months ago
Kimsuky - 11 months ago
LogoFAIL - 10 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10741 - 1 day ago
CVE-2024-10742 - 1 day ago
CVE-2024-10743 - 1 day ago
CVE-2024-10744 - 1 day ago
CVE-2024-10745 - 1 day ago
CVE-2024-10746 - 1 day ago
CVE-2024-10747 - 1 day ago
CVE-2024-10748 - 1 day ago
CVE-2024-10749 - 1 day ago
CVE-2024-10750 - 1 day ago
CVE-2024-10751 - 1 day ago
CVE-2024-10752 - 1 day ago
CVE-2024-10753 - 1 day ago
CVE-2024-20104 - 1 day ago
CVE-2024-20106 - 1 day ago
CVE-2024-20107 - 1 day ago
CVE-2024-20108 - 1 day ago
CVE-2024-20109 - 1 day ago
CVE-2024-20110 - 1 day ago
CVE-2024-20111 - 1 day ago