CVE-2009-3909
- EPSS 8.69%
- Veröffentlicht 19.11.2009 00:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:36
Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.
CVE-2009-1570
- EPSS 8.04%
- Veröffentlicht 13.11.2009 15:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:32
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
CVE-2009-0733
- EPSS 5.53%
- Veröffentlicht 23.03.2009 14:19:12
- Zuletzt bearbeitet 16.06.2026 23:05:39
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image ...
CVE-2009-0723
- EPSS 5.03%
- Veröffentlicht 23.03.2009 14:19:12
- Zuletzt bearbeitet 16.06.2026 23:05:38
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer over...
CVE-2009-0581
- EPSS 2.5%
- Veröffentlicht 23.03.2009 14:19:12
- Zuletzt bearbeitet 16.06.2026 23:05:21
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
CVE-2006-4519
- EPSS 5.6%
- Veröffentlicht 10.07.2007 18:30:00
- Zuletzt bearbeitet 16.06.2026 22:29:15
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
CVE-2007-2949
- EPSS 7.17%
- Veröffentlicht 04.07.2007 15:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:45
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
- EPSS 2.72%
- Veröffentlicht 08.06.2007 00:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:07
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
CVE-2007-2356
- EPSS 15.67%
- Veröffentlicht 30.04.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:25
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
CVE-2006-3404
- EPSS 5.04%
- Veröffentlicht 06.07.2006 20:05:00
- Zuletzt bearbeitet 16.06.2026 22:26:59
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VE...