CVE-2017-17789

Опубликовано: 20 дек. 2017

Источник: debian

Описание

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

Пакет	Статус	Версия исправления	Релиз	Тип
gimp	fixed	2.8.20-1.1		package

https://bugzilla.gnome.org/show_bug.cgi?id=790849
https://git.gnome.org/browse/GIMP/commit/?id=28e95fbeb5720e6005a088fa811f5bf3c1af48b8 (master)
https://git.gnome.org/browse/GIMP/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f (gimp-2-8)
Cannot be reproduced in wheezy with "valgrind --trace-children=yes gimp <reproducerfile>"
Some OOB read/write can be reproduced in sid with "valgrind --trace-children=yes gimp <reproducerfile>"

CVE-2017-17789

CVSS3: 7.8

ubuntu

около 8 лет назад

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

CVE-2017-17789

CVSS3: 7.8

redhat

около 8 лет назад

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

CVE-2017-17789

CVSS3: 7.8

nvd

около 8 лет назад

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

openSUSE-SU-2020:1420-1

suse-cvrf

больше 5 лет назад

Security update for gimp

SUSE-SU-2020:2604-1

suse-cvrf

больше 5 лет назад

Security update for gimp