Unrated severity · NVD Advisory · Published Jul 6, 2006 · Updated Apr 16, 2026
CVE-2006-3404
Description
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
Affected products: 1
Patches: 0
No patches discovered yet.
References (31)
- www.securityfocus.com/bid/18877 (nvd; Broken Link, Patch, Third Party Advisory, VDB Entry)
- bugs.debian.org/cgi-bin/bugreport.cgi (nvd; Third Party Advisory)
- bugzilla.gnome.org/show_bug.cgi (nvd; Issue Tracking, Third Party Advisory)
- security.gentoo.org/glsa/glsa-200607-08.xml (nvd; Third Party Advisory)
- securitytracker.com/id (nvd; Broken Link, Third Party Advisory, VDB Entry)
- www.debian.org/security/2006/dsa-1116 (nvd; Third Party Advisory)
- www.securityfocus.com/archive/1/440987/100/0/threaded (nvd; Broken Link, Third Party Advisory, VDB Entry)
- www.securityfocus.com/archive/1/441012/100/0/threaded (nvd; Broken Link, Third Party Advisory, VDB Entry)
- www.securityfocus.com/archive/1/441030/100/0/threaded (nvd; Broken Link, Third Party Advisory, VDB Entry)
- www.ubuntu.com/usn/usn-312-1 (nvd; Third Party Advisory)
- exchange.xforce.ibmcloud.com/vulnerabilities/27687 (nvd; Third Party Advisory, VDB Entry)
- secunia.com/advisories/20976 (nvd; Broken Link)
- secunia.com/advisories/20979 (nvd; Broken Link)
- secunia.com/advisories/21069 (nvd; Broken Link)
- secunia.com/advisories/21104 (nvd; Broken Link)
- secunia.com/advisories/21170 (nvd; Broken Link)
- secunia.com/advisories/21182 (nvd; Broken Link)
- secunia.com/advisories/21198 (nvd; Broken Link)
- secunia.com/advisories/21459 (nvd; Broken Link)
- secunia.com/advisories/23044 (nvd; Broken Link)
- sunsolve.sun.com/search/document.do (nvd; Broken Link)
- sunsolve.sun.com/search/document.do (nvd; Broken Link)
- www.mandriva.com/security/advisories (nvd; Broken Link)
- www.novell.com/linux/security/advisories/2006_19_sr.html (nvd; Broken Link)
- www.osvdb.org/27037 (nvd; Broken Link)
- www.redhat.com/support/errata/RHSA-2006-0598.html (nvd; Broken Link)
- www.vupen.com/english/advisories/2006/2703 (nvd; Broken Link)
- www.vupen.com/english/advisories/2006/4634 (nvd; Broken Link)
- issues.rpath.com/browse/RPL-522 (nvd; Broken Link)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11259 (nvd; Tool Signature)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5908 (nvd; Tool Signature)