Unrated severity · NVD Advisory · Published Nov 13, 2009 · Updated Apr 23, 2026
CVE-2009-1570
Description
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
Affected products (1)
Patches (0)
No patches discovered yet.
References (17)
- git.gnome.org/cgit/gimp/commit/ (nvd: Patch, Vendor Advisory)
- www.vupen.com/english/advisories/2009/3228 (nvd: Broken Link, Patch)
- lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html (nvd: Third Party Advisory)
- security.gentoo.org/glsa/glsa-201209-23.xml (nvd: Third Party Advisory)
- www.securityfocus.com/archive/1/507813/100/0/threaded (nvd: Broken Link, Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/37006 (nvd: Broken Link, Third Party Advisory, VDB Entry)
- bugzilla.gnome.org/show_bug.cgi (nvd: Issue Tracking, Third Party Advisory)
- exchange.xforce.ibmcloud.com/vulnerabilities/54254 (nvd: Third Party Advisory, VDB Entry)
- secunia.com/advisories/37232 (nvd: Broken Link)
- secunia.com/advisories/50737 (nvd: Broken Link)
- secunia.com/secunia_research/2009-42/ (nvd: Broken Link)
- www.osvdb.org/59930 (nvd: Broken Link)
- www.redhat.com/support/errata/RHSA-2011-0837.html (nvd: Broken Link)
- www.redhat.com/support/errata/RHSA-2011-0838.html (nvd: Broken Link)
- www.vupen.com/english/advisories/2009/3564 (nvd: Broken Link)
- www.vupen.com/english/advisories/2010/1021 (nvd: Broken Link)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8290 (nvd: Tool Signature)