MDVSA-2013:294 -- Mandriva gimpID: oval:org.secpod.oval:def:1300262 | Date: (C)2014-01-17 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been discovered and corrected in gimp: Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a large red, green, or blue color mask in an XWD file . Integer overflow in the load_image function in file-xwd.c in the X Window Dump plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large color entries value in an X Window System image dump . Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an X Window System image dump with more colors than color map entries . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Enterprise Server 5.2 |