Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 247565 - (CVE-2006-4519) CVE-2006-4519 GIMP multiple image loader integer overflows
CVE-2006-4519 GIMP multiple image loader integer overflows
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 247566 247567 247568 247569 247570 247571 247572 247573 247574 833902
  Show dependency treegraph
Reported: 2007-07-09 20:29 EDT by Josh Bressers
Modified: 2016-03-04 07:27 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-12-22 11:52:18 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
GNOME Bugzilla 451379 None None None Never
GNOME Bugzilla 453973 None None None Never
Red Hat Product Errata RHSA-2007:0513 normal SHIPPED_LIVE Moderate: gimp security update 2008-01-07 14:10:49 EST

  None (edit)
Description Josh Bressers 2007-07-09 20:29:47 EDT
iDefense has reported several integer overflow flaws in GIMP.  It is presumed
that these flaws could lead to arbitrary code execution if a victim opens a
malicious image file.
Comment 2 Nils Philippsen 2007-07-12 03:01:26 EDT
Reproducers for some of the problems can be found in one of the corresponding
upstream bugs: http://bugzilla.gnome.org/show_bug.cgi?id=453973
Comment 4 Vincent Danen 2010-12-22 11:52:18 EST
This was addressed via:

Red Hat Enterprise Linux version 2.1 (RHSA-2007:0513)
Red Hat Enterprise Linux version 3 (RHSA-2007:0513)
Red Hat Enterprise Linux version 4 (RHSA-2007:0513)
Red Hat Enterprise Linux version 5 (RHSA-2007:0513)

Note You need to log in before you can comment on or make changes to this bug.