// For flags

CVE-2006-3404

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.

Un desbordamiento de búfer en la función xcf_load_vector en app/xcf/xcf-load.c para versiones de gimp anteriores a la 2.2.12 permite provocar una denegación de servicio a atacantes con la ayuda de usuarios locales provocando asimismo una caída de la aplicación y posiblemente también ejecutar código arbitrario a través de un archivo XCF con un valor num_axes demasiado alto en la propiedad VECTORS.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-07-06 CVE Reserved
  • 2006-07-06 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (33)
URL Tag Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049 Third Party Advisory
http://bugzilla.gnome.org/show_bug.cgi?id=346742 Issue Tracking
http://secunia.com/advisories/20976 Broken Link
http://secunia.com/advisories/20979 Broken Link
http://secunia.com/advisories/21069 Broken Link
http://secunia.com/advisories/21104 Broken Link
http://secunia.com/advisories/21170 Broken Link
http://secunia.com/advisories/21182 Broken Link
http://secunia.com/advisories/21198 Broken Link
http://secunia.com/advisories/21459 Broken Link
http://secunia.com/advisories/23044 Broken Link
http://securitytracker.com/id?1016527 Broken Link
http://www.osvdb.org/27037 Broken Link
http://www.securityfocus.com/archive/1/440987/100/0/threaded Broken Link
http://www.securityfocus.com/archive/1/441012/100/0/threaded Broken Link
http://www.securityfocus.com/archive/1/441030/100/0/threaded Broken Link
http://www.vupen.com/english/advisories/2006/2703 Broken Link
http://www.vupen.com/english/advisories/2006/4634 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/27687 Third Party Advisory
https://issues.rpath.com/browse/RPL-522 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11259 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5908 Signature
URL Date SRC
URL Date SRC
http://www.securityfocus.com/bid/18877 2022-02-07
URL Date SRC
http://security.gentoo.org/glsa/glsa-200607-08.xml 2022-02-07
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102720-1 2022-02-07
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200070-1 2022-02-07
http://www.debian.org/security/2006/dsa-1116 2022-02-07
http://www.mandriva.com/security/advisories?name=MDKSA-2006:127 2022-02-07
http://www.novell.com/linux/security/advisories/2006_19_sr.html 2022-02-07
http://www.redhat.com/support/errata/RHSA-2006-0598.html 2022-02-07
http://www.ubuntu.com/usn/usn-312-1 2022-02-07
https://access.redhat.com/security/cve/CVE-2006-3404 2006-07-18
https://bugzilla.redhat.com/show_bug.cgi?id=1618141 2006-07-18
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gimp
Search vendor "Gimp"
 Gimp
Search vendor "Gimp" for product "Gimp"
 < 2.2.12
Search vendor "Gimp" for product "Gimp" and version " < 2.2.12"
-
Affected