Computer Security
[EN] securityvulns.ru no-pyccku


GNU GIMP memory corruption
Published:09.12.2013
Source:
SecurityVulns ID:13451
Type:local
Threat Level:
4/10
Description:Memory corruption on XWD files parsing.
Affected:GNU : gimp 2.8
CVE:CVE-2013-1978 (Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.)
 CVE-2013-1913 (Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump.)
Original documentdocumentUBUNTU, [USN-2051-1] GIMP vulnerability (09.12.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod