9.3
CVSSv2

CVE-2009-1570

Published: 13/11/2009 Updated: 07/02/2022
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote malicious users to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gimp gimp 2.6.7

Vendor Advisories

Stefan Cornelius discovered that GIMP did not correctly handle certain malformed BMP files If a user were tricked into opening a specially crafted BMP file, an attacker could execute arbitrary code with the user’s privileges (CVE-2009-1570) ...
Debian Bug report logs - #555929 gimp: CVE-2009-1570 heap overflow due to integer overflow when parsing bmp files Package: gimp; Maintainer for gimp is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Source for gimp is src:gimp (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> ...
Debian Bug report logs - #556750 gimp: CVE-2009-3909: heap overflow due to integer overflow when parsing psd files Package: gimp; Maintainer for gimp is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Source for gimp is src:gimp (PTS, buildd, popcon) Reported by: Raphael Geissert <geissert@debian ...