CVE-2012-3403

Published: Aug 25, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-1559-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2012:1180

vendor-advisory

x_refsource_REDHAT

1027411

vdb-entry

x_refsource_SECTRACK

RHSA-2012:1181

vendor-advisory

x_refsource_REDHAT

55101

vdb-entry

x_refsource_BID

MDVSA-2013:082

vendor-advisory

x_refsource_MANDRIVA

SUSE-SU-2012:1029

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2012:1080

vendor-advisory

x_refsource_SUSE

MDVSA-2012:142

vendor-advisory

x_refsource_MANDRIVA

50296

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=839020

x_refsource_MISC

[oss-security] 20120820 The Gimp CEL plug-in CVE-2012-3403 issue

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-3403

Description

Affected Products

References