CVE-2009-1570

Severity

93%

Complexity

86%

Confidentiality

165%

Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.

Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 15 years ago

2009-11-13 15:30:00

Last updated 6 years ago

2018-10-10 19:37:00

Affected Software

GIMP 2.6.7

2.6.7

References

http://git.gnome.org/cgit/gimp/commit/?h=gimp-2-6&id=df2b0aca2e7cdb95ebfd3454c65aaba0a83e9bbe

Patch

SUSE-SR:2010:009

37232

Vendor Advisory

50737

http://secunia.com/secunia_research/2009-42/

Vendor Advisory

GLSA-201209-23

59930

RHSA-2011:0837

RHSA-2011:0838

20091112 Secunia Research: Gimp BMP Image Parsing Integer Overflow Vulnerability

37006

ADV-2009-3228

Patch, Vendor Advisory

ADV-2009-3564

ADV-2010-1021

https://bugzilla.gnome.org/show_bug.cgi?id=600484

gimp-readimage-bo(54254)

oval:org.mitre.oval:def:8290

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.