CVE-2009-1570

Priority
Medium
Description
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c
in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a
BMP file with crafted width and height values that trigger a heap-based
buffer overflow.
References
Bugs
Package
Source: gimp (LP Ubuntu Debian)
Upstream: needed
Ubuntu 8.04 LTS (Hardy Heron): released (2.4.5-1ubuntu2.1)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected (2.6.7-1.1ubuntu1)
Patches:
Upstream: http://git.gnome.org/cgit/gimp/commit/?id=e3afc99b2fa7aeddf0dba4778663160a5bc682d3
Upstream: http://git.gnome.org/cgit/gimp/commit/?id=43d57c666346320436a0b668de5525387952784e
Upstream: http://git.gnome.org/cgit/gimp/commit/?id=f63ba36dd9cc01ca6da83fa05ddd12419ad8953e
Upstream: http://git.gnome.org/cgit/gimp/commit/?id=16e6a37687bb4b9748c5a5d166d90f5d5bd2e9f3
Vendor: https://bugzilla.redhat.com/attachment.cgi?id=374812
More Information


Updated: 2012-06-01 15:19:50 UTC (commit 5347)