CVE-2009-1570

Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.7

Description: The issue is related to an integer overflow in the ReadImage function, specifically in the plug-ins/file-bmp/bmp-read.c file. This overflow can be triggered by a BMP file with manipulated width and height values, leading to a heap-based buffer overflow. This could potentially allow remote attackers to execute arbitrary code.

Recommendations: For GIMP version 2.6.7, consider disabling the ReadImage function in the plug-ins/file-bmp/bmp-read.c file as a temporary workaround until a patch is available. Restrict the use of BMP files with crafted width and height values to minimize the risk of exploitation.