CVE-2006-4519

Current Description

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
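The bug class named in the description, shown as an added illustration that is not GIMP's code and is not taken from the referenced advisories: a hypothetical 12-byte image header (width, height, bytes per pixel, all read from the file) whose allocation size is computed in 32-bit arithmetic, beside a version that tests each multiplication before performing it and then checks the declared pixel length against the bytes actually present. The header layout, the field names, `MAX_IMAGE_BYTES`, and the function names are all assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Constructed, hypothetical 12-byte header: width, height, bytes per pixel,
 * each a little-endian uint32 read straight from the file. It stands in for
 * the real DICOM/PNM/PSD/PSP/RAS/XBM/XWD headers and is not GIMP's code. */
#define HEADER_LEN 12

typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t bpp;
} img_header_t;

/* Assumed policy ceiling for a decoded image; a real loader picks its own. */
#define MAX_IMAGE_BYTES (256u * 1024u * 1024u)

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern (the CWE-189 bug class this CVE describes): the buffer
 * size is computed in 32-bit arithmetic and silently wraps, so a crafted
 * width/height pair yields a small allocation while the pixel-copying code
 * still trusts the original dimensions and writes past the end of it. */
uint32_t vulnerable_alloc_size(const img_header_t *h)
{
    return h->width * h->height * h->bpp;   /* wraps modulo 2^32 */
}

/* Hardened pattern: reject zero or absurd fields, test each multiplication
 * against SIZE_MAX before doing it, and cap the result at a policy limit.
 * Returns 0 when the header must be refused. */
size_t safe_alloc_size(const img_header_t *h)
{
    if (h->width == 0 || h->height == 0 || h->bpp == 0 || h->bpp > 16)
        return 0;
    if ((size_t)h->width > SIZE_MAX / h->height)
        return 0;                              /* width*height would wrap */
    size_t pixels = (size_t)h->width * h->height;
    if (pixels > SIZE_MAX / h->bpp)
        return 0;                              /* pixels*bpp would wrap */
    size_t bytes = pixels * h->bpp;
    if (bytes > MAX_IMAGE_BYTES)
        return 0;                              /* legal but unreasonable */
    return bytes;
}

/* Loader built on the hardened size check. Returns a malloc'd buffer of
 * exactly *out_len pixel bytes, or NULL if the header is rejected or the
 * file is shorter than the header claims (copying a header-declared length
 * out of a truncated input is the companion over-read). */
uint8_t *load_image(const uint8_t *buf, size_t len, size_t *out_len)
{
    if (len < HEADER_LEN)
        return NULL;
    img_header_t h = { rd_le32(buf), rd_le32(buf + 4), rd_le32(buf + 8) };
    size_t bytes = safe_alloc_size(&h);
    if (bytes == 0)
        return NULL;
    if (len - HEADER_LEN < bytes)
        return NULL;                           /* truncated pixel data */
    uint8_t *px = malloc(bytes);
    if (px == NULL)
        return NULL;
    memcpy(px, buf + HEADER_LEN, bytes);
    *out_len = bytes;
    return px;
}

int main(void)
{
    /* Constructed crafted header: 0x10001 x 0x10000 x 1 byte. The true size
     * is 4 GiB + 64 KiB, but 32-bit arithmetic wraps it to 64 KiB. */
    img_header_t crafted = { 0x10001u, 0x10000u, 1u };
    printf("crafted: vulnerable size=%u safe size=%zu\n",
           vulnerable_alloc_size(&crafted), safe_alloc_size(&crafted));

    img_header_t benign = { 640u, 480u, 3u };
    printf("benign:  vulnerable size=%u safe size=%zu\n",
           vulnerable_alloc_size(&benign), safe_alloc_size(&benign));
    return 0;
}
```

The 64 KiB allocation the wrapped size produces, followed by a fill loop that still iterates over 0x10001 by 0x10000 pixels, is exactly the heap overwrite that turns a "length value" into code execution. Two design points matter: on a 64-bit host the `SIZE_MAX` test cannot fail for 32-bit fields, so the policy cap is what stops a loader from honouring a multi-gigabyte request, and the length check after the header is a separate guard that widening the arithmetic alone does not give you.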

Basic Data

Published: July 10, 2007
Last Modified: October 17, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-189 (Numeric Errors)
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Integrity Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 6.8
Severity: MEDIUM
Exploitability Score: 8.6
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3 | Application | The Gimp Team | Gimp | 2.2.3 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.4 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.6 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.8 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.9 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.10 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.11 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.12 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.14 | * | * | * | * | * | * | *
    2.3 | Application | The Gimp Team | Gimp | 2.2.15 | * | * | * | * | * | * | *
    (The Version Start Including / Version End Including / Version Start Excluding / Version End Excluding columns are empty for every row; each entry matches one exact version.)

Vulnerable Software List

Vendor | Product | Versions
The Gimp Team | Gimp | 2.2.3, 2.2.4, 2.2.6, 2.2.8, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.14, 2.2.15

References

Name | URL | Source | Tags
- | http://bugzilla.gnome.org/show_bug.cgi?id=451379 | CONFIRM | -
- | http://developer.gimp.org/NEWS-2.2 | CONFIRM | -
- | http://issues.foresightlinux.org/browse/FL-457 | CONFIRM | -
20070709 Multiple Vendor GIMP Multiple Integer Overflow Vulnerabilities | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 | IDEFENSE | Vendor Advisory
42139 | http://osvdb.org/42139 | OSVDB | -
42140 | http://osvdb.org/42140 | OSVDB | -
42141 | http://osvdb.org/42141 | OSVDB | -
42142 | http://osvdb.org/42142 | OSVDB | -
42143 | http://osvdb.org/42143 | OSVDB | -
42144 | http://osvdb.org/42144 | OSVDB | -
42145 | http://osvdb.org/42145 | OSVDB | -
26132 | http://secunia.com/advisories/26132 | SECUNIA | -
26215 | http://secunia.com/advisories/26215 | SECUNIA | -
26240 | http://secunia.com/advisories/26240 | SECUNIA | -
26575 | http://secunia.com/advisories/26575 | SECUNIA | -
26939 | http://secunia.com/advisories/26939 | SECUNIA | -
GLSA-200707-09 | http://security.gentoo.org/glsa/glsa-200707-09.xml | GENTOO | -
DSA-1335 | http://www.debian.org/security/2007/dsa-1335 | DEBIAN | -
MDKSA-2007:170 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 | MANDRIVA | -
RHSA-2007:0513 | http://www.redhat.com/support/errata/RHSA-2007-0513.html | REDHAT | -
20070801 FLEA-2007-0038-1 gimp | http://www.securityfocus.com/archive/1/475257/100/0/threaded | BUGTRAQ | -
24835 | http://www.securityfocus.com/bid/24835 | BID | -
1018349 | http://www.securitytracker.com/id?1018349 | SECTRACK | -
USN-494-1 | http://www.ubuntu.com/usn/usn-494-1 | UBUNTU | -
ADV-2007-2471 | http://www.vupen.com/english/advisories/2007/2471 | VUPEN | -
gimp-plugins-code-execution(35308) | https://exchange.xforce.ibmcloud.com/vulnerabilities/35308 | XF | -
oval:org.mitre.oval:def:10842 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842 | OVAL | -