Vulnerability Details : CVE-2007-2949
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
Vulnerability category: Overflow; Execute code
Products affected by CVE-2007-2949
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-2949
- EPSS score: 25.89% (estimated probability of exploitation activity in the next 30 days)
- EPSS percentile: ~96% (the proportion of all scored vulnerabilities with an EPSS score at or below this one)
CVSS scores for CVE-2007-2949
Base Score | Base Severity | CVSS Vector (v2) | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | 
CWE ids for CVE-2007-2949
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
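The description above and the CWE text together describe the bug class: a pixel-buffer size derived from attacker-controlled width and height is multiplied in 32-bit arithmetic, wraps to a small value, and the decoder then unpacks far more pixel data than was allocated. The following C is an added illustration written for this page; it is not GIMP's psd.c and does not reproduce the original plugin's code. It parses the public 26-byte PSD file header from constructed bytes (not a real file), shows the unchecked 32-bit product beside a checked version, and validates every header field before it enters the arithmetic. Assumptions: the 30,000-pixel per-side cap is the PSD (version 1) format limit used here as a sanity bound, PSB files are out of scope, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed sanity cap: the PSD (version 1) format allows at most 30,000 pixels
 * per side. PSB files allow more and are out of scope for this example. */
#define PSD_MAX_DIM 30000u

typedef struct {
    uint16_t channels;  /* 1..56 per the public PSD header layout */
    uint32_t height;
    uint32_t width;
    uint16_t depth;     /* bits per channel: 1, 8, 16 or 32 */
} psd_hdr;

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void put32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Parse the fixed 26-byte PSD file header (public layout: "8BPS", version 1,
 * six reserved bytes, channels, height, width, depth, colour mode). */
int psd_parse_header(const uint8_t *buf, size_t len, psd_hdr *h)
{
    if (len < 26 || memcmp(buf, "8BPS", 4) != 0 || be16(buf + 4) != 1)
        return 0;
    h->channels = be16(buf + 12);
    h->height   = be32(buf + 14);
    h->width    = be32(buf + 18);
    h->depth    = be16(buf + 22);
    return 1;
}

/* Vulnerable pattern (hypothetical, for illustration): the product is evaluated
 * in 32-bit arithmetic and wraps silently, so a hostile width/height yields a
 * small allocation that the decoder then overruns while unpacking
 * width*height pixels, i.e. a heap overflow. */
uint32_t pixel_bytes_unchecked(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Hardened form: bound each dimension first, then compute in 64-bit so no
 * intermediate can wrap, and refuse anything that does not fit a size_t. */
int pixel_bytes_checked(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return 0;
    if (width > PSD_MAX_DIM || height > PSD_MAX_DIM)
        return 0;
    /* width*height <= 9e8 here, so even times a 32-bit bpp fits in 64 bits. */
    uint64_t bytes = (uint64_t)width * height * bpp;
    if (bytes > (uint64_t)SIZE_MAX)
        return 0;
    *out = (size_t)bytes;
    return 1;
}

size_t pixel_bytes_checked_or_zero(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t n = 0;
    return pixel_bytes_checked(width, height, bpp, &n) ? n : 0;
}

/* Bytes needed for the unpacked image described by a header, or 0 if the
 * header is invalid or hostile. Every field is validated before arithmetic. */
size_t psd_image_bytes(const uint8_t *buf, size_t len)
{
    psd_hdr h;
    if (!psd_parse_header(buf, len, &h))
        return 0;
    if (h.channels < 1 || h.channels > 56)
        return 0;
    if (h.depth != 8 && h.depth != 16 && h.depth != 32)   /* 1-bit omitted */
        return 0;
    return pixel_bytes_checked_or_zero(h.width, h.height, h.channels * (h.depth / 8u));
}

/* Build a constructed header (not taken from any real file) for offline tests. */
void psd_make_header(uint8_t out[26], uint16_t channels, uint32_t height,
                     uint32_t width, uint16_t depth)
{
    memset(out, 0, 26);
    memcpy(out, "8BPS", 4);
    put16(out + 4, 1);          /* version 1 = PSD */
    put16(out + 12, channels);
    put32(out + 14, height);
    put32(out + 18, width);
    put16(out + 22, depth);
    put16(out + 24, 3);         /* colour mode 3 = RGB */
}

size_t sized_header(uint16_t channels, uint32_t height, uint32_t width, uint16_t depth)
{
    uint8_t hdr[26];
    psd_make_header(hdr, channels, height, width, depth);
    return psd_image_bytes(hdr, sizeof hdr);
}

int main(void)
{
    printf("640x480x3    unchecked=%u checked=%zu\n",
           pixel_bytes_unchecked(640, 480, 3), pixel_bytes_checked_or_zero(640, 480, 3));
    printf("65536^2x3    unchecked=%u (wrapped) checked=%zu (rejected)\n",
           pixel_bytes_unchecked(0x10000, 0x10000, 3), pixel_bytes_checked_or_zero(0x10000, 0x10000, 3));
    printf("30000^2x224  unchecked=%u (wrapped) checked=%zu\n",
           pixel_bytes_unchecked(30000, 30000, 224), pixel_bytes_checked_or_zero(30000, 30000, 224));
    return 0;
}
```

The third case in main is the one worth remembering: dimensions that pass a naive per-side cap can still wrap once the bytes-per-pixel factor is applied, so the multiplication itself must be overflow-safe, not just the inputs bounded.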
References for CVE-2007-2949
- https://issues.rpath.com/browse/RPL-1487 (Broken Link)
- http://secunia.com/advisories/28114 (Broken Link)
- http://secunia.com/advisories/26215 (Broken Link)
- http://www.redhat.com/support/errata/RHSA-2007-0513.html (Broken Link)
- http://secunia.com/advisories/25949 (Broken Link)
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 (Broken Link)
- http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191 (Third Party Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35246 : GIMP seek_to_and_unpack_pixeldata code execution CVE-2007-2949 Vulnerability Report (Third Party Advisory; VDB Entry)
- http://osvdb.org/37804 (Broken Link)
- http://secunia.com/secunia_research/2007-63/advisory/ (Broken Link; Patch; Vendor Advisory)
- http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798 (Vendor Advisory)
- http://www.vupen.com/english/advisories/2007/4241 (Broken Link)
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 (Broken Link)
- http://issues.foresightlinux.org/browse/FL-457 (Broken Link)
- http://www.ubuntu.com/usn/usn-480-1 (Third Party Advisory)
- http://www.debian.org/security/2007/dsa-1335 : [SECURITY] [DSA 1335-1] New gimp packages fix arbitrary code execution (Third Party Advisory)
- http://www.vupen.com/english/advisories/2007/2421 (Broken Link)
- http://secunia.com/advisories/26939 (Broken Link)
- http://security.gentoo.org/glsa/glsa-200707-09.xml : GIMP: Multiple integer overflows (GLSA 200707-09) (Third Party Advisory)
- http://secunia.com/advisories/26575 (Broken Link)
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 (Broken Link)
- http://www.securityfocus.com/bid/24745 (Broken Link; Third Party Advisory; VDB Entry)
- http://www.novell.com/linux/security/advisories/2007_15_sr.html (Broken Link)
- http://secunia.com/advisories/26384 (Broken Link)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276 (Tool Signature; currently returns 404)
- http://secunia.com/advisories/25677 (Broken Link; Patch)
- http://secunia.com/advisories/26044 (Broken Link)
- http://www.kb.cert.org/vuls/id/399896 : VU#399896 - GIMP integer overflow vulnerability (Third Party Advisory; US Government Resource)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772 (Tool Signature; currently returns 404)
- http://secunia.com/advisories/26132 (Broken Link)