Launchpad.net

CVE 2007-2949

Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.

Related bugs and status

CVE-2007-2949 (Candidate) is related to these bugs:

Bug #123972: Gimp PSD Plugin Integer Overflow Vulnerability

Summary				In	Importance	Status
	123972	Gimp PSD Plugin Integer Overflow Vulnerability		gimp (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/sec...
UBUNTU: USN-480-1
BID: 24745
SECUNIA: 25677
SECUNIA: 25949
CONFIRM: https://issues.rpath.c...
SECUNIA: 26044
DEBIAN: DSA-1335
SECUNIA: 26132
GENTOO: GLSA-200707-09
SECUNIA: 26215
CONFIRM: http://issues.foresigh...
SUSE: SUSE-SR:2007:015
SECUNIA: 26384
CERT-VN: VU#399896
SECUNIA: 26575
REDHAT: RHSA-2007:0513
SECUNIA: 26939
MANDRIVA: MDKSA-2007:170
SUNALERT: 103170
SECUNIA: 28114
SUNALERT: 201320
VUPEN: ADV-2007-2421
VUPEN: ADV-2007-4241
OSVDB: 37804
CONFIRM: http://svn.gnome.org/v...
SLACKWARE: SSA:2007-222-01
XF: gimp-unpackpixeldata-c...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...