ID CVE-2007-2949
Summary Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
References
Vulnerable Configurations
  • cpe:2.3:a:gimp:gimp:-:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:-:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.16:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.17:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.18:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.19:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.20:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.21:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.22:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.23:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.24:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.25:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.25:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.27:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.27:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.28:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.28:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:0.99.29:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:0.99.29:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.19:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.20:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.21:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.22:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.23:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.24:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.25:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.25:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.26:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.26:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.27:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.27:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.28:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.28:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.29:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.29:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.30:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.30:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.31:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.31:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.1.32:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.1.32:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.2:pre1:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.2:pre1:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.2:pre2:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.2:pre2:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.2:pre3:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.2:pre3:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.3:pre1:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.3:pre1:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.3:pre2:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.3:pre2:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.13:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.15:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.16:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.17:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.18:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.19:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.20:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.21:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.22:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.23:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.24:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.25:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.25:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.26:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.26:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:1.3.27:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:1.3.27:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2:pre1:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2:pre1:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2:pre2:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2:pre2:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gimp:gimp:2.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.2.15:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 07-02-2022 - 17:48)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:12:51.227-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
    family unix
    id oval:org.mitre.oval:def:11276
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
    version 31
  • accepted 2008-10-20T04:00:22.365-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 9 (x86) is installed
      oval oval:org.mitre.oval:def:1683
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
    family unix
    id oval:org.mitre.oval:def:5772
    status accepted
    submitted 2008-09-11T11:37:41.000-04:00
    title PSD Plugin of Gimp vulnerability
    version 35
redhat via4
advisories
rhsa
id RHSA-2007:0513
rpms
  • gimp-1:1.2.1-7.8.el2_1
  • gimp-1:1.2.3-20.9.el3
  • gimp-1:2.0.5-7.0.7.el4
  • gimp-2:2.2.13-2.0.7.el5
  • gimp-debuginfo-1:2.0.5-7.0.7.el4
  • gimp-debuginfo-2:2.2.13-2.0.7.el5
  • gimp-devel-1:1.2.1-7.8.el2_1
  • gimp-devel-1:1.2.3-20.9.el3
  • gimp-devel-1:2.0.5-7.0.7.el4
  • gimp-devel-2:2.2.13-2.0.7.el5
  • gimp-libs-2:2.2.13-2.0.7.el5
  • gimp-perl-1:1.2.1-7.8.el2_1
  • gimp-perl-1:1.2.3-20.9.el3
refmap via4
bid 24745
cert-vn VU#399896
confirm
debian DSA-1335
gentoo GLSA-200707-09
mandriva MDKSA-2007:170
misc http://secunia.com/secunia_research/2007-63/advisory/
osvdb 37804
secunia
  • 25677
  • 25949
  • 26044
  • 26132
  • 26215
  • 26384
  • 26575
  • 26939
  • 28114
slackware SSA:2007-222-01
sunalert
  • 103170
  • 201320
suse SUSE-SR:2007:015
ubuntu USN-480-1
vupen
  • ADV-2007-2421
  • ADV-2007-4241
xf gimp-unpackpixeldata-code-execution(35246)
Last major update 07-02-2022 - 17:48
Published 04-07-2007 - 15:30
Last modified 07-02-2022 - 17:48
Back to Top