|
|
Subscribe / Log in / New account

gimp: arbitrary code execution

Package(s):gimp CVE #(s):CVE-2011-1782
Created:May 31, 2011 Updated:August 22, 2011
Description: From the Mandriva advisory:

Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image.

Alerts:
Debian DSA-2426-1 gimp 2012-03-06
Ubuntu USN-1147-1 gimp 2011-06-13
Fedora FEDORA-2011-7397 gimp 2011-05-25
Fedora FEDORA-2011-7393 gimp 2011-05-25
openSUSE openSUSE-SU-2011:0586-1 gimp 2011-06-06
Mandriva MDVSA-2011:103 gimp 2011-05-29
Fedora FEDORA-2011-7371 gimp 2011-05-25
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds