CVE-2012-3402
Summary
| CVE | CVE-2012-3402 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-08-25 10:29:00 UTC |
| Updated | 2023-02-13 00:25:00 UTC |
| Description | Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909. |
Risk And Classification
Problem Types: CWE-190
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | MISC | access.redhat.com | |
| CVE-2012-3402 - Red Hat Customer Portal | MISC | access.redhat.com | |
| oss-security - The Gimp PSD plug-in CVE-2012-3402 issue | MLIST | www.openwall.com | |
| Bug 838941 – CVE-2012-3402 gimp (PSD plug-in): Heap-buffer overflow by decoding certain PSD headers | MISC | bugzilla.redhat.com | |
| Gentoo Linux Documentation -- GIMP: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| Security Alerts - Secunia | SECUNIA | secunia.com | |
| Attachment 603059 Details for Bug 838941 – Patch to fix CVEs 2009-3909 and 2012-3402 | MISC | bugzilla.redhat.com | |
| GNU Image Manipulation Program (GIMP) PSD/KiSS/GIF Heap Overflows Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.