[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-4519

Date: (C)2007-07-10   (M)2017-10-12
 
CVSS Score: 6.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.

Reference:
SECTRACK-1018349
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551
http://www.securityfocus.com/archive/1/archive/1/475257/100/0/threaded
BID-24835
SECUNIA-26132
SECUNIA-26215
SECUNIA-26240
SECUNIA-26575
SECUNIA-26939
OSVDB-42139
OSVDB-42140
OSVDB-42141
OSVDB-42142
OSVDB-42143
OSVDB-42144
OSVDB-42145
ADV-2007-2471
DSA-1335
GLSA-200707-09
MDKSA-2007:170
RHSA-2007:0513
USN-494-1
gimp-plugins-code-execution(35308)
http://bugzilla.gnome.org/show_bug.cgi?id=451379
http://developer.gimp.org/NEWS-2.2
http://issues.foresightlinux.org/browse/FL-457

CWE    1
CWE-189

© 2013 SecPod Technologies