CVE-2009-3909 – Gimp: Integer overflow in the PSD image file plugin
https://notcve.org/view.php?id=CVE-2009-3909
Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Desbordamiento de entero en la función read_channel_data en plug-ins/file-psd/psd-load.c en GIMP v2.6.7, podría permitir a atacantes remotos ejecutar código de su elección a través de un archivo PSD manipulado que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://git.gnome.org/cgit/gimp/commit/?id=0e440cb6d4d6ee029667363d244aff61b154c33c http://git.gnome.org/cgit/gimp/commit/?id=9cc8d78ff33b7a36852b74e64b427489cad44d0e http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html http://osvdb.org/60178 http://rhn.redhat.com/errata/RHSA-2012-1181.html http://secunia.com/advisories/37348 http://secunia.com/advisories/50737 http://secunia.com/secunia_research/2009-43 http://security.gentoo.org/glsa/glsa-201209-23.xml http://www. • CWE-190: Integer Overflow or Wraparound •
CVE-2009-1570 – Gimp: Integer overflow in the BMP image file plugin
https://notcve.org/view.php?id=CVE-2009-1570
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. Desbordamiento de entero en la función ReadImage en plug-ins/file-bmp/bmp-read.c en GIMP 2.6.7 puede permitir a atacantes remotos ejecutar código de su elección mediante un fichero BMP con valores de ancho y alto manipulados que dispararía un desbordamiento de búfer basado en memoria dinámica. • http://git.gnome.org/cgit/gimp/commit/?h=gimp-2-6&id=df2b0aca2e7cdb95ebfd3454c65aaba0a83e9bbe http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html http://secunia.com/advisories/37232 http://secunia.com/advisories/50737 http://secunia.com/secunia_research/2009-42 http://security.gentoo.org/glsa/glsa-201209-23.xml http://www.osvdb.org/59930 http://www.redhat.com/support/errata/RHSA-2011-0837.html http://www.redhat.com/support/errata/RHSA-2011-0838.html http • CWE-190: Integer Overflow or Wraparound •
CVE-2006-4519 – GIMP multiple image loader integer overflows
https://notcve.org/view.php?id=CVE-2006-4519
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. Múltiples desbordamientos de búfer de entero en la extensión del cargador de imagen en GIMP anterior a 2.2.16 permite a atacantes remotos con la intervención del usuario ejecutar código de su elección a través de valores de longitud manipulados en archivos (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, y (7) XWD. • http://bugzilla.gnome.org/show_bug.cgi?id=451379 http://developer.gimp.org/NEWS-2.2 http://issues.foresightlinux.org/browse/FL-457 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 http://osvdb.org/42139 http://osvdb.org/42140 http://osvdb.org/42141 http://osvdb.org/42142 http://osvdb.org/42143 http://osvdb.org/42144 http://osvdb.org/42145 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia • CWE-190: Integer Overflow or Wraparound •
CVE-2007-2949 – Gimp PSD integer overflow
https://notcve.org/view.php?id=CVE-2007-2949
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. Desbordamiento de entero en la función seek_to_and_unpack_pixeldata de la extensión psd.c en Gimp 2.2.15 permite a atacantes remotos ejecutar código de su elección mediante un archivo PSD manipulado que contiene un valor grande de (1) anchura o (2) altura. • http://issues.foresightlinux.org/browse/FL-457 http://osvdb.org/37804 http://secunia.com/advisories/25677 http://secunia.com/advisories/25949 http://secunia.com/advisories/26044 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia.com/advisories/26384 http://secunia.com/advisories/26575 http://secunia.com/advisories/26939 http://secunia.com/advisories/28114 http://secunia.com/secunia_research/2007-63/advisory http://security.gentoo.org/ • CWE-190: Integer Overflow or Wraparound •
CVE-2007-3126
https://notcve.org/view.php?id=CVE-2007-3126
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. Gimp anterior a la versión 2.8.22 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) por medio de un archivo ICO con un InfoHeader que contiene una altura de cero, este es un problema similar al CVE-2007-2237. • http://osvdb.org/43453 http://www.securityfocus.com/archive/1/470751/100/0/threaded https://bugzilla.gnome.org/show_bug.cgi?id=778604 https://exchange.xforce.ibmcloud.com/vulnerabilities/34789 https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7 https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released •