|
GD is a graphical library often used to create or manipulate images on the fly in websites.
Details about a vulnerability (and exploit) have been released on full disclosure that claim to cause the library to run an infinite loop while decoding crafted images. It's clear that when used this will lead to severely degraded performance of webservers. No patch available so far, monitor http://www.boutell.com/gd/ if you use it in a vulnerable fashion. Thanks Jim! -- Swa Frantzen - Section 66 |
Swa 760 Posts Jun 6th 2006 |
| Thread locked Subscribe |
Jun 6th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
