PT-2009-4060 · Gnu+1 · Gimp+1

Published

2009-11-13

Updated

2022-02-07

CVE-2009-1570

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.7

Description: The issue is related to an integer overflow in the ReadImage function, specifically in the plug-ins/file-bmp/bmp-read.c file. This overflow can be triggered by a BMP file with manipulated width and height values, leading to a heap-based buffer overflow. This could potentially allow remote attackers to execute arbitrary code.

Recommendations: For GIMP version 2.6.7, consider disabling the ReadImage function in the plug-ins/file-bmp/bmp-read.c file as a temporary workaround until a patch is available. Restrict the use of BMP files with crafted width and height values to minimize the risk of exploitation.

Fix

RCE

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2009-1570

RHSA-2011:0837

RHSA-2011:0838

RHSA-2011_0837

RHSA-2011_0838

Affected Products

Gimp

Red Hat

PT-2009-4060 · Gnu+1 · Gimp+1

CVE-2009-1570

Weakness Enumeration

Related Identifiers

Affected Products

References · 33