CVE-2006-3404
published 2006-07-06CVE-2006-3404: Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service…
medium5.1CVSS 3.1
AVNACHAuNCPIPAP
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gimp | < gimp 2.2.11-3.1 (bookworm) | gimp 2.2.11-3.1 (bookworm) |
| gimp | gimp | < 2.2.12 | 2.2.12 |
| gimp | gimp | >= 0 < 2.2.11-3.1 | 2.2.11-3.1 |
| gimp | gimp | >= 0 < 2.2.11-3.1 | 2.2.11-3.1 |
| gimp | gimp | >= 0 < 2.2.11-3.1 | 2.2.11-3.1 |
| gimp | gimp | >= 0 < 2.2.11-3.1 | 2.2.11-3.1 |
CVSS provenance
nvd5.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM