Buffer overflow in Gimp

CVE-2013-1978

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X W…

Vulnerability class: Buffer Overflow

EPSS: 0.034 (87.7th percentile) — read the EPSS interpretation.

Affected products

Gimp
Gnome Glib
Redhat Enterprise_linux — versions 5.0, 6.0
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

64098 (VDB Entry, vdb-entry, x_refsource_BID, Broken Link)
RHSA-2013:1778 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory, Vendor Advisory)
GLSA-201603-01 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
DSA-2813 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
USN-2051-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)