NotCVE - vendor:"Gimp" product:"Gimp"

Page 8 of 42 results (0.009 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 2

CVE-2009-0581 – LittleCms memory leak

https://notcve.org/view.php?id=CVE-2009-0581

Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Fuga de memoria en versiones de LittleCMS (alias LCMS o liblcms) anteriores a la 1.18beta2, tal como se utiliza en Firefox 3.1beta, OpenJDK, y el GIMP, permite causar, a atacantes dependientes de contexto, una denegación de servicio (mediante consumo de memoria y caida de la aplicación) a través de un archivo de imagen debidamente modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 6.8EPSS: 7%CPEs: 1EXPL: 0

CVE-2006-4519 – GIMP multiple image loader integer overflows

https://notcve.org/view.php?id=CVE-2006-4519

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. Múltiples desbordamientos de búfer de entero en la extensión del cargador de imagen en GIMP anterior a 2.2.16 permite a atacantes remotos con la intervención del usuario ejecutar código de su elección a través de valores de longitud manipulados en archivos (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, y (7) XWD. • http://bugzilla.gnome.org/show_bug.cgi?id=451379 http://developer.gimp.org/NEWS-2.2 http://issues.foresightlinux.org/browse/FL-457 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 http://osvdb.org/42139 http://osvdb.org/42140 http://osvdb.org/42141 http://osvdb.org/42142 http://osvdb.org/42143 http://osvdb.org/42144 http://osvdb.org/42145 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.8EPSS: 50%CPEs: 4EXPL: 0

CVE-2007-2949 – Gimp PSD integer overflow

https://notcve.org/view.php?id=CVE-2007-2949

Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. Desbordamiento de entero en la función seek_to_and_unpack_pixeldata de la extensión psd.c en Gimp 2.2.15 permite a atacantes remotos ejecutar código de su elección mediante un archivo PSD manipulado que contiene un valor grande de (1) anchura o (2) altura. • http://issues.foresightlinux.org/browse/FL-457 http://osvdb.org/37804 http://secunia.com/advisories/25677 http://secunia.com/advisories/25949 http://secunia.com/advisories/26044 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia.com/advisories/26384 http://secunia.com/advisories/26575 http://secunia.com/advisories/26939 http://secunia.com/advisories/28114 http://secunia.com/secunia_research/2007-63/advisory http://security.gentoo.org/ • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-3126

https://notcve.org/view.php?id=CVE-2007-3126

Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. Gimp anterior a la versión 2.8.22 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) por medio de un archivo ICO con un InfoHeader que contiene una altura de cero, este es un problema similar al CVE-2007-2237. • http://osvdb.org/43453 http://www.securityfocus.com/archive/1/470751/100/0/threaded https://bugzilla.gnome.org/show_bug.cgi?id=778604 https://exchange.xforce.ibmcloud.com/vulnerabilities/34789 https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7 https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released •

CVSS: 6.8EPSS: 5%CPEs: 1EXPL: 3

CVE-2007-2356 – GIMP 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-2356

Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file. Un desbordamiento de búfer en la región stack de la memoria en la función set_color_table en sunras.c en el plugin SUNRAS en Gimp versión 2.2.14 permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo RAS creado. • https://www.exploit-db.com/exploits/3801 https://www.exploit-db.com/exploits/3888 http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http://secunia.com/advisories/25012 http://secunia.com/advisories/25111 http://secunia.com/advisories/25167 http://secunia.com/advisories/25239 http://secunia.com/advisories/25346 http://secunia.com/advisories/25359 http://secunia.com/advisories/25466 http://secunia.com/advisories/25573 http://secunia.com/advisories/28 • CWE-787: Out-of-bounds Write •

1...6 7 8 9