PT-2012-4694 · Adobe+3 · Photoshop+3
Jan Lieskovsky
·
Published
2012-08-20
·
Updated
2023-02-13
·
CVE-2012-3402
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
GIMP versions 2.2.13 and earlier
Description
The issue is related to an integer overflow in the Adobe Photoshop PSD plugin, specifically in the psd.c file. This overflow can be triggered by a crafted channels header value in a PSD image file, leading to a heap-based buffer overflow. As a result, remote attackers may cause a denial of service or possibly execute arbitrary code.
Recommendations
For GIMP versions 2.2.13 and earlier, update to a version later than 2.2.13 to resolve the issue.
Fix
DoS
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Photoshop
Gimp
Red Hat
Suse