Shodan
Vulnerabilities
Vulnerable Software
Gimp:  >> Gimp  Security Vulnerabilities
CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVSS Score
9.3
EPSS Score
0.009
Published
2009-03-23
CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
CVSS Score
9.3
EPSS Score
0.015
Published
2009-03-23
CVE-2006-4519
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
CVSS Score
6.8
EPSS Score
0.066
Published
2007-07-10
CVE-2007-2949
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
CVSS Score
6.8
EPSS Score
0.259
Published
2007-07-04
CVE-2007-3126
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
CVSS Score
5.0
EPSS Score
0.009
Published
2007-06-08
CVE-2007-2356
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
CVSS Score
6.8
EPSS Score
0.325
Published
2007-04-30
CVE-2006-3404
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
CVSS Score
5.1
EPSS Score
0.019
Published
2006-07-06
CVE-2005-0654
gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service (application crash) via the image descriptor (1) height or (2) width fields set to zero.
CVSS Score
5.0
EPSS Score
0.007
Published
2005-05-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved