PT-2007-3689 · Gnu+1 · Sunras Plugin+2

Published

2007-04-30

Updated

2024-06-15

CVE-2007-2356

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Gimp version 2.2.14

Description A stack-based buffer overflow issue exists in the set color table function in sunras.c within the SUNRAS plugin. This allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.

Recommendations For Gimp version 2.2.14, consider updating to a newer version that addresses this issue, as using a crafted RAS file could lead to arbitrary code execution. As a temporary workaround, avoid using the SUNRAS plugin until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2007-2356

DSA-1301-1

OPENSUSE-SU-2024:10785-1

RHSA-2007:0343

RHSA-2007_0343

Affected Products

Gimp

Red Hat

Sunras Plugin

PT-2007-3689 · Gnu+1 · Sunras Plugin+2

CVE-2007-2356

Weakness Enumeration

Related Identifiers

Affected Products

References · 40