CVE-2013-1978

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.
References
Link Resource
http://rhn.redhat.com/errata/RHSA-2013-1778.html Third Party Advisory Vendor Advisory
http://www.debian.org/security/2013/dsa-2813 Third Party Advisory
http://www.securityfocus.com/bid/64098 Broken Link VDB Entry
http://www.ubuntu.com/usn/USN-2051-1 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=953902 Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201603-01 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

History

13 Feb 2023, 04:42

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2013:1778', 'name': 'https://access.redhat.com/errata/RHSA-2013:1778', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2013-1978', 'name': 'https://access.redhat.com/security/cve/CVE-2013-1978', 'tags': [], 'refsource': 'MISC'}
Summary CVE-2013-1978 gimp: XWD plugin color map heap-based buffer overflow Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.

02 Feb 2023, 18:17

Type Values Removed Values Added
Summary Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries. CVE-2013-1978 gimp: XWD plugin color map heap-based buffer overflow
References
  • (MISC) https://access.redhat.com/errata/RHSA-2013:1778 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2013-1978 -

07 Feb 2022, 19:09

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/201603-01 - (GENTOO) https://security.gentoo.org/glsa/201603-01 - Third Party Advisory
References (DEBIAN) http://www.debian.org/security/2013/dsa-2813 - (DEBIAN) http://www.debian.org/security/2013/dsa-2813 - Third Party Advisory
References (UBUNTU) http://www.ubuntu.com/usn/USN-2051-1 - (UBUNTU) http://www.ubuntu.com/usn/USN-2051-1 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/64098 - (BID) http://www.securityfocus.com/bid/64098 - Broken Link, VDB Entry
References (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=953902 - (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=953902 - Issue Tracking, Third Party Advisory
References (REDHAT) http://rhn.redhat.com/errata/RHSA-2013-1778.html - Vendor Advisory (REDHAT) http://rhn.redhat.com/errata/RHSA-2013-1778.html - Third Party Advisory, Vendor Advisory
CWE CWE-119 CWE-787
CPE cpe:2.3:a:gimp:gimp:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

Information

Published : 2013-12-12 18:55

Updated : 2023-12-10 11:16


NVD link : CVE-2013-1978

Mitre link : CVE-2013-1978

CVE.ORG link : CVE-2013-1978


JSON object : View

Products Affected

gnome

  • glib

redhat

  • enterprise_linux

gimp

  • gimp
CWE
CWE-787

Out-of-bounds Write