Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 150677 - CAN-2005-0654 gimp GIF DoS
CAN-2005-0654 gimp GIF DoS
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: gimp (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nils Philippsen
David Lawrence
impact=none,public=20050304,source=cv...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-09 11:11 EST by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-21 07:02:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Demo image which triggers this issue. (62 bytes, application/octet-stream)
2005-03-09 11:11 EST, Josh Bressers 		no flags Details
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
GNOME Bugzilla 169113 None None None Never

  None (edit)
Description Josh Bressers 2005-03-09 11:11:26 EST 
gifload in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or
local users to cause a denial of service (application crash) via the image
descriptor (1) height or (2) width fields set to zero.

http://marc.theaimsgroup.com/?l=bugtraq&m=110995346018830&w=2
Comment 1 Josh Bressers 2005-03-09 11:11:26 EST 
Created attachment 111813 [details]
Demo image which triggers this issue.
Comment 2 Josh Bressers 2005-03-09 11:12:47 EST 
This issue should also affect RHEL3 and RHEL2.1.
Comment 3 Nils Philippsen 2005-03-09 12:01:32 EST 
Hmm, with gimp-2.2.4, this crashes the GIF _plugin_ in an assertion. I don't see
how it should affect the main application. Nevertheless I'll backport the fix
which is in upstream CVS for RHEL/Fedora, because upstream won't bother to
backport it themselves (see their bugzilla).
Comment 7 Mark J. Cox 2005-03-21 07:02:53 EST 
Crashing a client application on load of a malicious image is not a security
issue -- don't load the bad image.  Closing.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.