Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3404

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-3404
Last Modified 07 Mar 2011 09:38:35
Published 06 Jul 2006 04:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3404

Summary

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.

Vulnerable Systems

Application

  • The Gimp Team Gimp 2.2.11

  • The Gimp Team Gimp 2.2.6

  • The Gimp Team Gimp 2.2.8

  • The Gimp Team Gimp 2.2.9

  • The Gimp Team Gimp 2.3.9


References

BID - 18877

SECUNIA - 20979

CONFIRM - https://issues.rpath.com/browse/RPL-522

XF - gimp-xcfloadvector-bo(27687)

VUPEN - ADV-2006-4634

VUPEN - ADV-2006-2703

UBUNTU - USN-312-1

BUGTRAQ - 20060724 rPSA-2006-0135-1 gimp

BUGTRAQ - 20060724 ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow

BUGTRAQ - 20060724 Re: [ GLSA 200607-08 ] GIMP: Buffer overflow

REDHAT - RHSA-2006:0598

OSVDB - 27037

SUSE - SUSE-SR:2006:019

DEBIAN - DSA-1116

SECTRACK - 1016527

GENTOO - GLSA-200607-08

SECUNIA - 21198

SECUNIA - 21182

SECUNIA - 21170

SECUNIA - 21104

SECUNIA - 21069

SECUNIA - 20976

CONFIRM - http://bugzilla.gnome.org/show_bug.cgi?id=346742

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049

MANDRIVA - MDKSA-2006:127

SUNALERT - 200070

SUNALERT - 102720

SECUNIA - 23044

SECUNIA - 21459


Last Updated: 27 May 2016 10:42:59