CVE-2009-3909

Published: Nov 19, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

60178

vdb-entry

x_refsource_OSVDB

DSA-1941

vendor-advisory

x_refsource_DEBIAN

GLSA-201209-23

vendor-advisory

x_refsource_GENTOO

http://git.gnome.org/cgit/gimp/commit/?id=9cc8d78ff33b7a36852b74e64b427489cad44d0e

x_refsource_CONFIRM

ADV-2009-3270

vdb-entry

x_refsource_VUPEN

RHSA-2012:1181

vendor-advisory

x_refsource_REDHAT

http://git.gnome.org/cgit/gimp/commit/?id=0e440cb6d4d6ee029667363d244aff61b154c33c

x_refsource_CONFIRM

http://secunia.com/secunia_research/2009-43/

x_refsource_MISC

https://bugzilla.gnome.org/show_bug.cgi?id=600741

x_refsource_MISC

20091117 Secunia Research: Gimp PSD Image Parsing Integer Overflow Vulnerability

mailing-list

x_refsource_BUGTRAQ

SUSE-SR:2010:009

vendor-advisory

x_refsource_SUSE

37040

vdb-entry

x_refsource_BID

50737

third-party-advisory

x_refsource_SECUNIA

ADV-2010-1021

vdb-entry

x_refsource_VUPEN

37348

third-party-advisory

x_refsource_SECUNIA

MDVSA-2009:332

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-3909

Description

Affected Products

References