Launchpad.net

CVE 2006-3404

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.debian.org...
CONFIRM: http://bugzilla.gnome....
UBUNTU: USN-312-1
BID: 18877
OSVDB: 27037
SECUNIA: 20976
SECUNIA: 20979
CONFIRM: https://issues.rpath.c...
DEBIAN: DSA-1116
GENTOO: GLSA-200607-08
REDHAT: RHSA-2006:0598
SECTRACK: 1016527
SECUNIA: 21069
SECUNIA: 21104
SECUNIA: 21170
SECUNIA: 21182
SECUNIA: 21198
SUSE: SUSE-SR:2006:019
SUNALERT: 102720
SECUNIA: 23044
SECUNIA: 21459
MANDRIVA: MDKSA-2006:127
SUNALERT: 200070
VUPEN: ADV-2006-2703
VUPEN: ADV-2006-4634
XF: gimp-xcfloadvector-bo(...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20060724 rPSA-2006-013...
BUGTRAQ: 20060724 ERRATA: [ GLS...
BUGTRAQ: 20060724 Re: [ GLSA 20...

Launchpad.net

CVE 2006-3404

Related bugs

References