CVE-2007-3741

Published: 27 August 2007

The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.

Priority

Status

Package	Release	Status
gimp Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	edgy	Ignored (end of life, was needed)
	feisty	Ignored (end of life, was needed)
	gutsy	Ignored (end of life, was needed)
	hardy	Not vulnerable (2.4.5-1ubuntu2)
	intrepid	Not vulnerable (2.4.6-1ubuntu1)
	jaunty	Not vulnerable (2.4.6-1ubuntu1)
	karmic	Not vulnerable (2.4.6-1ubuntu1)
	upstream	Released (2.2.16)
	Patches: upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22865 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22866 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22885 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22877 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22883 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=22915 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=23394 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=23409 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=23574 upstream: http://svn.gnome.org/viewvc/gimp?view=revision&revision=24670

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›