Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability CVE-2012-5576

Gimp: buffer overflow via XWD

Synthesis of the vulnerability

An attacker can create a malicious XWD file which overflows a GIMP buffer, in order to execute code.
Impacted products: Debian, Fedora, GIMP, MBS, MES, openSUSE, RHEL.
Severity: 3/4.
Creation date: 22/11/2012.
Identifiers: 687392, BID-56647, CVE-2012-5576, DSA-2813-1, FEDORA-2013-2000, MDVSA-2013:082, MDVSA-2013:294, openSUSE-SU-2012:1623-1, openSUSE-SU-2013:0123-1, RHSA-2013:1778-01, VIGILANCE-VUL-12180.

Description of the vulnerability

The image format XWD is used to store screenshots in an X Window environment.

The functions load_xwd_f2_d24_b32() and load_xwd_f1_d24_b1() in the file plug-ins/common/file-xwd.c in Gimp decode this image format. These functions use local variables to store the maximal size of primary color tables. However, theses values directly come from the XWD file, without sanity checks, which leads to a stack buffer overflow.

An attacker can therefore create a malicious XWD file which overflows a GIMP buffer, in order to execute code.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter 

Computer vulnerabilities tracking service

Vigil@nce provides network vulnerability alerts. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française