CVE-2006-3404

Related Files

Debian Linux Security Advisory 1116-1

Posted Jul 24, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1116-1 - Henning Makholm discovered a buffer overflow in the XCF loading code of Gimp, an image editing program. Opening a specially crafted XCF image might cause the application to execute arbitrary code.

tags | advisory, overflow, arbitrary

systems | linux, debian

advisories | CVE-2006-3404

SHA-256 | 3276eb1cf1d81e63f22f1b14a657cbc92b08bb69e6c31914abf2559d1f9f2ac7

Download | Favorite | View

Mandriva Linux Security Advisory 2006.127

Posted Jul 20, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-127 - A buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp 2.2.x allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.

tags | advisory, denial of service, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2006-3404

SHA-256 | 967a800b44fe0c9c4bd16b830b08528320685a407834389b574777cceeea8a06

Download | Favorite | View

Ubuntu Security Notice 312-1

Posted Jul 12, 2006

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 312-1 - Henning Makholm discovered that the gimp does not sufficiently validate the 'num_axes' parameter in XCF files. By tricking a user into opening a specially crafted XCF file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges.

tags | advisory, arbitrary

systems | linux, ubuntu

advisories | CVE-2006-3404

SHA-256 | fc69650f5c8d4e00e9efe185a3bbd68de6da78a1e1cfe56b2aedc66377f68f8a

Download | Favorite | View