Vulnerability Description
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gimp | Gimp | < 2.2.16 |
Related Weaknesses (CWE)
References
- http://bugzilla.gnome.org/show_bug.cgi?id=451379 (Issue Tracking, Third Party Advisory)
- http://developer.gimp.org/NEWS-2.2 (Broken Link)
- http://issues.foresightlinux.org/browse/FL-457 (Broken Link)
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551 (Broken Link)
- http://osvdb.org/42139 (Broken Link)
- http://osvdb.org/42140 (Broken Link)
- http://osvdb.org/42141 (Broken Link)
- http://osvdb.org/42142 (Broken Link)
- http://osvdb.org/42143 (Broken Link)
- http://osvdb.org/42144 (Broken Link)
- http://osvdb.org/42145 (Broken Link)
- http://secunia.com/advisories/26132 (Broken Link)
- http://secunia.com/advisories/26215 (Broken Link)
- http://secunia.com/advisories/26240 (Broken Link)
- http://secunia.com/advisories/26575 (Broken Link)
FAQ
What is CVE-2006-4519?
CVE-2006-4519 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (...
How severe is CVE-2006-4519?
CVE-2006-4519 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-4519?
Check the references section above for vendor advisories and patch information. Affected products include: Gimp Gimp.