CVE-2007-2949 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2949
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2949

Description: Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/35246 UBUNTU http://www.ubuntu.com/usn/usn-480-1 SUSE http://www.novell.com/linux/security/advisories/2007_15_sr.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 SLACKWARE http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191 SAID Secunia Advisory: SA26575 Secunia Advisory: SA26384 Secunia Advisory: SA26215 Secunia Advisory: SA26132 Secunia Advisory: SA25949 Secunia Advisory: SA26044 Secunia Advisory: SA25677 Secunia Advisory: SA26939 Secunia Advisory: SA28114 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0513.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5772 MISC http://secunia.com/secunia_research/2007-63/advisory/ MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 GENTOO http://security.gentoo.org/glsa/glsa-200707-09.xml DEBIAN http://www.debian.org/security/2007/dsa-1335 CONFIRM http://issues.foresightlinux.org/browse/FL-457 http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798 CERT-VN 399896 BID 24745

Return to the previous page.