gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
BID:40062
Info
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
| Bugtraq ID: | 40062 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2010-1620 |
| Remote: | Yes |
| Local: | No |
| Published: | May 05 2010 12:00AM |
| Updated: | Apr 13 2015 10:25PM |
| Credit: | Dan Rosenberg |
| Vulnerable: |
Gentoo Linux Free Software Foundation gdomap 0 |
| Not Vulnerable: | |
Discussion
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
GIMP is prone to an integer-overflow vulnerability.
Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
GIMP is prone to an integer-overflow vulnerability.
Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Exploit / POC
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
References:
References:
- gdomap documentation (Richard Frith-Macdonald)
- Re: [bug #29755] gdomap information disclosure vulnerabilities (Dan Rosenberg
gmail.com>)