It was discovered that libwmf did not correctly process certain WMF with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. It was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application. It was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash. The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted string with a JIS encoded font. The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293 . NOTE: some of these details are obtained from third party information. Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. The gdImageCreateXbm function in the GD Graphics Library before 2.0.35 allows user-assisted remote attackers to cause a denial of service via unspecified vectors involving a gdImageCreate failure