CVE-2009-1570
Published: 13 November 2009
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
Priority
Status
Package | Release | Status |
---|---|---|
gimp Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(2.4.5-1ubuntu2.1)
|
|
intrepid |
Released
(2.6.1-1ubuntu3.1)
|
|
jaunty |
Released
(2.6.6-0ubuntu1.1)
|
|
karmic |
Released
(2.6.7-1ubuntu1.1)
|
|
upstream |
Needed
|
|
Patches: upstream: http://git.gnome.org/cgit/gimp/commit/?id=e3afc99b2fa7aeddf0dba4778663160a5bc682d3 upstream: http://git.gnome.org/cgit/gimp/commit/?id=43d57c666346320436a0b668de5525387952784e upstream: http://git.gnome.org/cgit/gimp/commit/?id=f63ba36dd9cc01ca6da83fa05ddd12419ad8953e upstream: http://git.gnome.org/cgit/gimp/commit/?id=16e6a37687bb4b9748c5a5d166d90f5d5bd2e9f3 vendor: https://bugzilla.redhat.com/attachment.cgi?id=374812 |