Gentoo Linux Security Advisory 201209-23 - Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 2.6.12-r2 are affected.
926d432f20f636e85ac0519408b8e94f610b43cc70f07d0dd06875097611ddadRed Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
bcebaf7eecce22dfae82e4c81db212616345165a850f2049b859bb2f8f85043eRed Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
bc734d04701963c119db99658f1e8c5db3d1bb7653d5c791749605209f890f90Ubuntu Security Notice 880-1 - Stefan Cornelius discovered that GIMP did not correctly handle certain malformed BMP files. If a user were tricked into opening a specially crafted BMP file, an attacker could execute arbitrary code with the user's privileges. Stefan Cornelius discovered that GIMP did not correctly handle certain malformed PSD files. If a user were tricked into opening a specially crafted PSD file, an attacker could execute arbitrary code with the user's privileges. This issue only applied to Ubuntu 8.10, 9.04 and 9.10.
abfaff4f2057c4885200056001e88d026401c3e2ef40fbfc793fe89e6662298fMandriva Linux Security Advisory 2009-296 - Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
8a424be972edd20a5efd8fdfd4170719f59c4e38346adbd173702deb1f7539f6Secunia Research has discovered a vulnerability in Gimp, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an integer overflow error within the "ReadImage()" function in plug-ins/file-bmp/bmp-read.c. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted BMP file. Version 2.6.7 is affected.
85f0dc9e18157639fcbd9378b0285371a6aa9be92f500f354cfb55b30a5693baMandriva Linux Security Advisory 2009-296 - Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. This update provides a solution to this vulnerability.
4ac465217e3550eff56ead3dc617eaad69ffec140bdd9145c8d1774f14777969
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed