CVE-2006-4519

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
References
Link Resource
http://bugzilla.gnome.org/show_bug.cgi?id=451379 Issue Tracking Third Party Advisory
http://developer.gimp.org/NEWS-2.2 Broken Link
http://issues.foresightlinux.org/browse/FL-457 Broken Link
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 Broken Link
http://osvdb.org/42139 Broken Link
http://osvdb.org/42140 Broken Link
http://osvdb.org/42141 Broken Link
http://osvdb.org/42142 Broken Link
http://osvdb.org/42143 Broken Link
http://osvdb.org/42144 Broken Link
http://osvdb.org/42145 Broken Link
http://secunia.com/advisories/26132 Broken Link
http://secunia.com/advisories/26215 Broken Link
http://secunia.com/advisories/26240 Broken Link
http://secunia.com/advisories/26575 Broken Link
http://secunia.com/advisories/26939 Broken Link
http://security.gentoo.org/glsa/glsa-200707-09.xml Third Party Advisory
http://www.debian.org/security/2007/dsa-1335 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0513.html Third Party Advisory
http://www.securityfocus.com/archive/1/475257/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/24835 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018349 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-494-1 Third Party Advisory
http://www.vupen.com/english/advisories/2007/2471 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842 Tool Signature
http://bugzilla.gnome.org/show_bug.cgi?id=451379 Issue Tracking Third Party Advisory
http://developer.gimp.org/NEWS-2.2 Broken Link
http://issues.foresightlinux.org/browse/FL-457 Broken Link
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 Broken Link
http://osvdb.org/42139 Broken Link
http://osvdb.org/42140 Broken Link
http://osvdb.org/42141 Broken Link
http://osvdb.org/42142 Broken Link
http://osvdb.org/42143 Broken Link
http://osvdb.org/42144 Broken Link
http://osvdb.org/42145 Broken Link
http://secunia.com/advisories/26132 Broken Link
http://secunia.com/advisories/26215 Broken Link
http://secunia.com/advisories/26240 Broken Link
http://secunia.com/advisories/26575 Broken Link
http://secunia.com/advisories/26939 Broken Link
http://security.gentoo.org/glsa/glsa-200707-09.xml Third Party Advisory
http://www.debian.org/security/2007/dsa-1335 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0513.html Third Party Advisory
http://www.securityfocus.com/archive/1/475257/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/24835 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018349 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-494-1 Third Party Advisory
http://www.vupen.com/english/advisories/2007/2471 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842 Tool Signature
Configurations

Configuration 1 (hide)

cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:16

Type Values Removed Values Added
References () http://bugzilla.gnome.org/show_bug.cgi?id=451379 - Issue Tracking, Third Party Advisory () http://bugzilla.gnome.org/show_bug.cgi?id=451379 - Issue Tracking, Third Party Advisory
References () http://developer.gimp.org/NEWS-2.2 - Broken Link () http://developer.gimp.org/NEWS-2.2 - Broken Link
References () http://issues.foresightlinux.org/browse/FL-457 - Broken Link () http://issues.foresightlinux.org/browse/FL-457 - Broken Link
References () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 - Broken Link () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 - Broken Link
References () http://osvdb.org/42139 - Broken Link () http://osvdb.org/42139 - Broken Link
References () http://osvdb.org/42140 - Broken Link () http://osvdb.org/42140 - Broken Link
References () http://osvdb.org/42141 - Broken Link () http://osvdb.org/42141 - Broken Link
References () http://osvdb.org/42142 - Broken Link () http://osvdb.org/42142 - Broken Link
References () http://osvdb.org/42143 - Broken Link () http://osvdb.org/42143 - Broken Link
References () http://osvdb.org/42144 - Broken Link () http://osvdb.org/42144 - Broken Link
References () http://osvdb.org/42145 - Broken Link () http://osvdb.org/42145 - Broken Link
References () http://secunia.com/advisories/26132 - Broken Link () http://secunia.com/advisories/26132 - Broken Link
References () http://secunia.com/advisories/26215 - Broken Link () http://secunia.com/advisories/26215 - Broken Link
References () http://secunia.com/advisories/26240 - Broken Link () http://secunia.com/advisories/26240 - Broken Link
References () http://secunia.com/advisories/26575 - Broken Link () http://secunia.com/advisories/26575 - Broken Link
References () http://secunia.com/advisories/26939 - Broken Link () http://secunia.com/advisories/26939 - Broken Link
References () http://security.gentoo.org/glsa/glsa-200707-09.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-200707-09.xml - Third Party Advisory
References () http://www.debian.org/security/2007/dsa-1335 - Third Party Advisory () http://www.debian.org/security/2007/dsa-1335 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 - Broken Link
References () http://www.redhat.com/support/errata/RHSA-2007-0513.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2007-0513.html - Third Party Advisory
References () http://www.securityfocus.com/archive/1/475257/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/475257/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/24835 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/24835 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id?1018349 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id?1018349 - Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/usn-494-1 - Third Party Advisory () http://www.ubuntu.com/usn/usn-494-1 - Third Party Advisory
References () http://www.vupen.com/english/advisories/2007/2471 - Broken Link () http://www.vupen.com/english/advisories/2007/2471 - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 - Third Party Advisory, VDB Entry
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842 - Tool Signature () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842 - Tool Signature

Information

Published : 2007-07-10 18:30

Updated : 2024-11-21 00:16


NVD link : CVE-2006-4519

Mitre link : CVE-2006-4519

CVE.ORG link : CVE-2006-4519


JSON object : View

Products Affected

gimp

  • gimp
CWE
CWE-190

Integer Overflow or Wraparound