rpm package
opensuse/gimp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gimp&distro=openSUSE%20Tumbleweed
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-4541 | — | < 2.8.18-1.4 | 2.8.18-1.4 | Jan 7, 2011 | Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lig | ||
| CVE-2010-4540 | — | < 2.8.18-1.4 | 2.8.18-1.4 | Jan 7, 2011 | Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code vi | ||
| CVE-2007-2949 | — | < 2.10.24-3.1 | 2.10.24-3.1 | Jul 4, 2007 | Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | ||
| CVE-2007-3126 | — | < 2.10.24-3.1 | 2.10.24-3.1 | Jun 8, 2007 | Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. | ||
| CVE-2007-2356 | — | < 2.10.24-3.1 | 2.10.24-3.1 | Apr 30, 2007 | Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file. | ||
| CVE-2006-3404 | — | < 2.10.24-3.1 | 2.10.24-3.1 | Jul 6, 2006 | Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property. |
- CVE-2010-4541Jan 7, 2011affected < 2.8.18-1.4fixed 2.8.18-1.4
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lig
- CVE-2010-4540Jan 7, 2011affected < 2.8.18-1.4fixed 2.8.18-1.4
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code vi
- CVE-2007-2949Jul 4, 2007affected < 2.10.24-3.1fixed 2.10.24-3.1
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
- CVE-2007-3126Jun 8, 2007affected < 2.10.24-3.1fixed 2.10.24-3.1
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
- CVE-2007-2356Apr 30, 2007affected < 2.10.24-3.1fixed 2.10.24-3.1
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
- CVE-2006-3404Jul 6, 2006affected < 2.10.24-3.1fixed 2.10.24-3.1
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
Page 2 of 2