CVE-2009-1570 – Gimp: Integer overflow in the BMP image file plugin
https://notcve.org/view.php?id=CVE-2009-1570
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. Desbordamiento de entero en la función ReadImage en plug-ins/file-bmp/bmp-read.c en GIMP 2.6.7 puede permitir a atacantes remotos ejecutar código de su elección mediante un fichero BMP con valores de ancho y alto manipulados que dispararía un desbordamiento de búfer basado en memoria dinámica. • http://git.gnome.org/cgit/gimp/commit/?h=gimp-2-6&id=df2b0aca2e7cdb95ebfd3454c65aaba0a83e9bbe http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html http://secunia.com/advisories/37232 http://secunia.com/advisories/50737 http://secunia.com/secunia_research/2009-42 http://security.gentoo.org/glsa/glsa-201209-23.xml http://www.osvdb.org/59930 http://www.redhat.com/support/errata/RHSA-2011-0837.html http://www.redhat.com/support/errata/RHSA-2011-0838.html http • CWE-190: Integer Overflow or Wraparound •
CVE-2006-4519 – GIMP multiple image loader integer overflows
https://notcve.org/view.php?id=CVE-2006-4519
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. Múltiples desbordamientos de búfer de entero en la extensión del cargador de imagen en GIMP anterior a 2.2.16 permite a atacantes remotos con la intervención del usuario ejecutar código de su elección a través de valores de longitud manipulados en archivos (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, y (7) XWD. • http://bugzilla.gnome.org/show_bug.cgi?id=451379 http://developer.gimp.org/NEWS-2.2 http://issues.foresightlinux.org/browse/FL-457 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 http://osvdb.org/42139 http://osvdb.org/42140 http://osvdb.org/42141 http://osvdb.org/42142 http://osvdb.org/42143 http://osvdb.org/42144 http://osvdb.org/42145 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia • CWE-190: Integer Overflow or Wraparound •
CVE-2007-2949 – Gimp PSD integer overflow
https://notcve.org/view.php?id=CVE-2007-2949
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. Desbordamiento de entero en la función seek_to_and_unpack_pixeldata de la extensión psd.c en Gimp 2.2.15 permite a atacantes remotos ejecutar código de su elección mediante un archivo PSD manipulado que contiene un valor grande de (1) anchura o (2) altura. • http://issues.foresightlinux.org/browse/FL-457 http://osvdb.org/37804 http://secunia.com/advisories/25677 http://secunia.com/advisories/25949 http://secunia.com/advisories/26044 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia.com/advisories/26384 http://secunia.com/advisories/26575 http://secunia.com/advisories/26939 http://secunia.com/advisories/28114 http://secunia.com/secunia_research/2007-63/advisory http://security.gentoo.org/ • CWE-190: Integer Overflow or Wraparound •
CVE-2007-3126
https://notcve.org/view.php?id=CVE-2007-3126
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. Gimp anterior a la versión 2.8.22 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) por medio de un archivo ICO con un InfoHeader que contiene una altura de cero, este es un problema similar al CVE-2007-2237. • http://osvdb.org/43453 http://www.securityfocus.com/archive/1/470751/100/0/threaded https://bugzilla.gnome.org/show_bug.cgi?id=778604 https://exchange.xforce.ibmcloud.com/vulnerabilities/34789 https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7 https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released •
CVE-2007-2356 – GIMP 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2356
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file. Un desbordamiento de búfer en la región stack de la memoria en la función set_color_table en sunras.c en el plugin SUNRAS en Gimp versión 2.2.14 permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo RAS creado. • https://www.exploit-db.com/exploits/3801 https://www.exploit-db.com/exploits/3888 http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http://secunia.com/advisories/25012 http://secunia.com/advisories/25111 http://secunia.com/advisories/25167 http://secunia.com/advisories/25239 http://secunia.com/advisories/25346 http://secunia.com/advisories/25359 http://secunia.com/advisories/25466 http://secunia.com/advisories/25573 http://secunia.com/advisories/28 • CWE-787: Out-of-bounds Write •