CVE-2007-3472

Publication date 28 June 2007

Last updated 17 July 2025

Ubuntu priority

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libgd2	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

in dapper, this is fixed by 05_SECURITY_CVE-2007-3996.patch

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-3472