CVE-2006-4519
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.084 Low
EPSS
Percentile
94.4%
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
Affected configurations
References
bugzilla.gnome.org/show_bug.cgi?id=451379
developer.gimp.org/NEWS-2.2
issues.foresightlinux.org/browse/FL-457
labs.idefense.com/intelligence/vulnerabilities/display.php?id=551
osvdb.org/42139
osvdb.org/42140
osvdb.org/42141
osvdb.org/42142
osvdb.org/42143
osvdb.org/42144
osvdb.org/42145
secunia.com/advisories/26132
secunia.com/advisories/26215
secunia.com/advisories/26240
secunia.com/advisories/26575
secunia.com/advisories/26939
security.gentoo.org/glsa/glsa-200707-09.xml
www.debian.org/security/2007/dsa-1335
www.mandriva.com/security/advisories?name=MDKSA-2007:170
www.redhat.com/support/errata/RHSA-2007-0513.html
www.securityfocus.com/archive/1/475257/100/0/threaded
www.securityfocus.com/bid/24835
www.securitytracker.com/id?1018349
www.ubuntu.com/usn/usn-494-1
www.vupen.com/english/advisories/2007/2471
exchange.xforce.ibmcloud.com/vulnerabilities/35308
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.084 Low
EPSS
Percentile
94.4%