CVE-2006-4519
GIMP < 2.2.16 - Remote Code Execution via Integer Overflow in Image Loader Plug-ins
Title source: llmDescription
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
References (27)
Core 27
Core References
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26132
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2471
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475257/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35308
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42139
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200707-09.xml
Tool Signature vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26240
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42141
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26575
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42140
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-494-1
Issue Tracking, Third Party Advisory x_refsource_confirm
http://bugzilla.gnome.org/show_bug.cgi?id=451379
Broken Link x_refsource_confirm
http://developer.gimp.org/NEWS-2.2
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0513.html
Broken Link third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42143
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42145
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24835
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26215
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018349
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42144
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2007/dsa-1335
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26939
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/42142
Broken Link x_refsource_confirm
http://issues.foresightlinux.org/browse/FL-457
Scores
EPSS
0.0560
EPSS Percentile
91.9%
Details
CWE
CWE-190
Status
published
Products (1)
gimp/gimp
< 2.2.16
Published
Jul 10, 2007
Tracked Since
Feb 18, 2026