// For flags

CVE-2007-2949

Gimp PSD integer overflow

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.

Desbordamiento de entero en la función seek_to_and_unpack_pixeldata de la extensión psd.c en Gimp 2.2.15 permite a atacantes remotos ejecutar código de su elección mediante un archivo PSD manipulado que contiene un valor grande de (1) anchura o (2) altura.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-05-31 CVE Reserved
  • 2007-07-04 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (32)
URL Tag Source
http://issues.foresightlinux.org/browse/FL-457 Broken Link
http://osvdb.org/37804 Broken Link
http://secunia.com/advisories/25949 Broken Link
http://secunia.com/advisories/26044 Broken Link
http://secunia.com/advisories/26132 Broken Link
http://secunia.com/advisories/26215 Broken Link
http://secunia.com/advisories/26384 Broken Link
http://secunia.com/advisories/26575 Broken Link
http://secunia.com/advisories/26939 Broken Link
http://secunia.com/advisories/28114 Broken Link
http://www.kb.cert.org/vuls/id/399896 Third Party Advisory
http://www.securityfocus.com/bid/24745 Broken Link
http://www.vupen.com/english/advisories/2007/2421 Broken Link
http://www.vupen.com/english/advisories/2007/4241 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/35246 Third Party Advisory
https://issues.rpath.com/browse/RPL-1487 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772 Signature
URL Date SRC
URL Date SRC
http://secunia.com/advisories/25677 2022-02-07
http://secunia.com/secunia_research/2007-63/advisory 2022-02-07
URL Date SRC
http://security.gentoo.org/glsa/glsa-200707-09.xml 2022-02-07
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 2022-02-07
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 2022-02-07
http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798 2022-02-07
http://www.debian.org/security/2007/dsa-1335 2022-02-07
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 2022-02-07
http://www.novell.com/linux/security/advisories/2007_15_sr.html 2022-02-07
http://www.redhat.com/support/errata/RHSA-2007-0513.html 2022-02-07
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191 2022-02-07
http://www.ubuntu.com/usn/usn-480-1 2022-02-07
https://access.redhat.com/security/cve/CVE-2007-2949 2007-09-26
https://bugzilla.redhat.com/show_bug.cgi?id=244400 2007-09-26
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gimp
Search vendor "Gimp"
 Gimp
Search vendor "Gimp" for product "Gimp"
 <= 2.2.15
Search vendor "Gimp" for product "Gimp" and version " <= 2.2.15"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.06
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 7.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "7.04"
-
Affected