CVE-2010-4543
Published: 7 January 2011
Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.
Priority
Status
Package | Release | Status |
---|---|---|
gimp Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(2.4.5-1ubuntu2.3)
|
|
karmic |
Released
(2.6.7-1ubuntu1.2)
|
|
lucid |
Released
(2.6.8-2ubuntu1.2)
|
|
maverick |
Released
(2.6.10-1ubuntu3.2)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://git.gnome.org/browse/gimp/commit/?id=48ec15890e1751dede061f6d1f469b6508c13439 |