CVE-2009-3909

Priority
Medium
Description
Integer overflow in the read_channel_data function in
plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to
execute arbitrary code via a crafted PSD file that triggers a heap-based
buffer overflow.
References
Bugs
Package
Source: gimp (LP Ubuntu Debian)
Upstream:released (2.6.7-1.1)
Ubuntu 8.04 LTS (Hardy Heron):not-affected (code-not-present)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (2.6.7-1.1ubuntu1)
Patches:
Upstream:http://git.gnome.org/cgit/gimp/commit/?id=9cc8d78ff33b7a36852b74e64b427489cad44d0e
Upstream:http://git.gnome.org/cgit/gimp/commit/?id=0e440cb6d4d6ee029667363d244aff61b154c33c
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:21 UTC (commit 5347)