Integer overflow in Gimp

CVE-2013-1913

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbi…

Vulnerability class: Integer Overflow

EPSS: 0.020 (84.1th percentile) — read the EPSS interpretation.

Affected products

Gimp
Gnome Glib
Redhat Enterprise_linux — versions 5.0, 6.0
N/a — versions n/a

Weakness classification (CWE)

CWE-190 — Integer Overflow or Wraparound

References

64105 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
RHSA-2013:1778 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory, Vendor Advisory)
GLSA-201603-01 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
DSA-2813 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
USN-2051-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)