Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2007:035: gd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2007:035 (gd).
Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font.
Packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:035
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.