Headline
CVE-2013-1913: xwd plugin g_new() integer overflow
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump.
Keywords:
Status:
CLOSED ERRATA
Alias:
CVE-2013-1913
Product:
Security Response
Classification:
Other
Component:
vulnerability
Sub Component:
Version:
unspecified
Hardware:
All
OS:
Linux
Priority:
medium
Severity:
medium
Target Milestone:
—
Assignee:
Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
947891 947894 947895 947896 1030899 1037720
Blocks:
879318
TreeView+
depends on / blocked
Reported:
2013-04-03 12:58 UTC by Stefan Cornelius
Modified:
2021-02-17 07:52 UTC (History)
CC List:
3 users (show)
Fixed In Version:
Doc Type:
Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
2013-12-14 19:49:29 UTC
Attachments
(Terms of Use)
updated patch for CVE-2013-1913 (1.14 KB, patch)
2013-11-27 10:45 UTC, Nils Philippsen
no flags
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)
Links
System
ID
Private
Priority
Status
Summary
Last Updated
Red Hat Product Errata
RHSA-2013:1778
0
normal
SHIPPED_LIVE
Moderate: gimp security update
2013-12-03 21:50:50 UTC