Vulnerability Details : CVE-2009-1570
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
Vulnerability category: OverflowExecute code
Products affected by CVE-2009-1570
- cpe:2.3:a:gimp:gimp:2.6.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1570
6.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-1570
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2009-1570
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-1570
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/54254
GIMP ReadImage() buffer overflow CVE-2009-1570 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2009/3564
Site en constructionBroken Link
-
http://www.redhat.com/support/errata/RHSA-2011-0837.html
SupportBroken Link
-
http://www.vupen.com/english/advisories/2009/3228
Site en constructionBroken Link;Patch
-
http://www.securityfocus.com/bid/37006
Broken Link;Third Party Advisory;VDB Entry
-
http://security.gentoo.org/glsa/glsa-201209-23.xml
GIMP: Multiple vulnerabilities (GLSA 201209-23) — Gentoo securityThird Party Advisory
-
http://www.securityfocus.com/archive/1/507813/100/0/threaded
Broken Link;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:009Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2011-0838.html
SupportBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8290
404 Not FoundTool Signature
-
http://www.vupen.com/english/advisories/2010/1021
Site en constructionBroken Link
-
http://git.gnome.org/cgit/gimp/commit/?h=gimp-2-6&id=df2b0aca2e7cdb95ebfd3454c65aaba0a83e9bbe
Harden the BMP plugin against integer overflows. (df2b0aca) · Commits · GNOME / GIMP · GitLabPatch;Vendor Advisory
-
https://bugzilla.gnome.org/show_bug.cgi?id=600484
Access DeniedIssue Tracking;Third Party Advisory
Jump to