Gimp : Security Vulnerabilities, CVEs, Published In 2012 (Denial of service)
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.
Max CVSS
7.5
EPSS Score
75.87%
Published
2012-12-18
Updated
2023-02-13
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted height and len properties in a GIF image file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Max CVSS
6.8
EPSS Score
1.91%
Published
2012-08-25
Updated
2023-02-13
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."
Max CVSS
6.8
EPSS Score
2.68%
Published
2012-08-25
Updated
2023-02-13
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.
Max CVSS
6.8
EPSS Score
1.71%
Published
2012-08-25
Updated
2023-02-13
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
Max CVSS
4.3
EPSS Score
0.92%
Published
2012-07-12
Updated
2022-02-07
5 vulnerabilities found