{"id":"DEBIAN-CVE-2007-3477","details":"The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.","modified":"2026-04-28T20:09:38.710441Z","published":"2007-06-28T18:30:00Z","upstream":["CVE-2007-3477"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2007-3477"}],"affected":[{"package":{"name":"libgd2","ecosystem":"Debian:11","purl":"pkg:deb/debian/libgd2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.35.dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libgd2","ecosystem":"Debian:12","purl":"pkg:deb/debian/libgd2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.35.dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libgd2","ecosystem":"Debian:13","purl":"pkg:deb/debian/libgd2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.35.dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libgd2","ecosystem":"Debian:14","purl":"pkg:deb/debian/libgd2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.35.dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libwmf","ecosystem":"Debian:11","purl":"pkg:deb/debian/libwmf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.2.12-1","0.2.12-2","0.2.12-3","0.2.12-4","0.2.12-5","0.2.12-5.1","0.2.12-5.2","0.2.13-1","0.2.13-1.1","0.2.13-2","0.2.14-1","0.2.8.4-17"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libwmf","ecosystem":"Debian:12","purl":"pkg:deb/debian/libwmf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.2.12-5.1","0.2.12-5.2","0.2.13-1","0.2.13-1.1","0.2.13-2","0.2.14-1"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libwmf","ecosystem":"Debian:13","purl":"pkg:deb/debian/libwmf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.2.13-1.1","0.2.13-2","0.2.14-1"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"libwmf","ecosystem":"Debian:14","purl":"pkg:deb/debian/libwmf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.2.13-1.1","0.2.13-2","0.2.14-1"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"racket","ecosystem":"Debian:11","purl":"pkg:deb/debian/racket?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.2-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"racket","ecosystem":"Debian:12","purl":"pkg:deb/debian/racket?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.2-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"racket","ecosystem":"Debian:13","purl":"pkg:deb/debian/racket?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.2-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}},{"package":{"name":"racket","ecosystem":"Debian:14","purl":"pkg:deb/debian/racket?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.2-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-3477.json"}}],"schema_version":"1.7.5"}