Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
Advisory | Patch | Confirmed | Link |
---|---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=947868 | |||
64105 | |||
USN-2051-1 | |||
GLSA-201603-01 | |||
DSA-2813 | |||
RHSA-2013:1778 |