CVE Reference: CVE-2011-1178

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-1178

Description:
Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/67787

ST
  1025586

SAID
  Secunia Advisory: SA50737

REDHAT
  http://www.redhat.com/support/errata/RHSA-2011-0838.html
  http://www.redhat.com/support/errata/RHSA-2011-0837.html

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:110

GENTOO
  http://security.gentoo.org/glsa/glsa-201209-23.xml

CONFIRM
  http://git.gnome.org/browse/gimp/commit/?id=a9671395f6573e90316a9d748588c5435216f6ce

BID
  48057


Return to the previous page.