CVE-2006-4519 Information

Description

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM (2) PNM (3) PSD (4) PSP (5) Sun RAS (6) XBM and (7) XWD files.

Reference

http://bugzilla.gnome.org/show_bug.cgi?id=451379 http://developer.gimp.org/NEWS-2.2 http://issues.foresightlinux.org/browse/FL-457 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 http://osvdb.org/42139 http://osvdb.org/42140 http://osvdb.org/42141 http://osvdb.org/42142 http://osvdb.org/42143 http://osvdb.org/42144 http://osvdb.org/42145 http://secunia.com/advisories/26132 http://secunia.com/advisories/26215 http://secunia.com/advisories/26240 http://secunia.com/advisories/26575 http://secunia.com/advisories/26939 http://security.gentoo.org/glsa/glsa-200707-09.xml http://www.debian.org/security/2007/dsa-1335 http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 http://www.redhat.com/support/errata/RHSA-2007-0513.html http://www.securityfocus.com/archive/1/475257/100/0/threaded http://www.securityfocus.com/bid/24835 http://www.securitytracker.com/id?1018349 http://www.ubuntu.com/usn/usn-494-1 http://www.vupen.com/english/advisories/2007/2471 https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10842