CVE-2007-2356 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2356
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2356

Description: Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33911 UBUNTU http://www.ubuntu.com/usn/usn-467-1 SUSE http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 ST 1018092 SAID Secunia Advisory: SA25359 Secunia Advisory: SA25346 Secunia Advisory: SA25239 Secunia Advisory: SA25167 Secunia Advisory: SA25012 Secunia Advisory: SA25111 Secunia Advisory: SA25466 Secunia Advisory: SA25573 Secunia Advisory: SA28114 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0343.html MILW0RM http://milw0rm.com/exploits/3801 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:108 GENTOO http://security.gentoo.org/glsa/glsa-200705-08.xml DEBIAN http://www.debian.org/security/2007/dsa-1301 CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/467231/100/0/threaded BID 23680

Return to the previous page.