Re: GIMP gifload.exe GIF file (image width)*(image height)==0 DOS vulnerability

From: Hongzhen Zhou (felix__zhou_at_hotmail.com)
Date: 03/07/05

Next message: Atom Smasher: "Lingo VoIP ATA / UTStarcom iAN-02EX remote access vulnerability"

Previous message: Sowhat: "Gene6 FTP Server Local Privilege Escalation Vulnerability"
Maybe in reply to: Hongzhen Zhou: "GIMP gifload.exe GIF file (image width)*(image height)==0 DOS vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 7 Mar 2005 08:30:38 -0000
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is) In-Reply-To: <20050304163537.GA24606@c9x.org>

The bugzilla entry is http://bugzilla.gnome.org/show_bug.cgi?id=169113

The vendor has reponsed:
------- Additional Comment #2 From sven@gimp.org 2005-03-03 12:51 -------
Added a sanity check in CVS HEAD. I don't consider this worth to be backported
to 2.2, closing as FIXED.

2005-03-03 Sven Neumann <sven@gimp.org>

* plug-ins/common/gifload.c (ReadImage): added a sanity check for
bogus frame dimensions. Fixes bug #169113.

Next message: Atom Smasher: "Lingo VoIP ATA / UTStarcom iAN-02EX remote access vulnerability"

Previous message: Sowhat: "Gene6 FTP Server Local Privilege Escalation Vulnerability"
Maybe in reply to: Hongzhen Zhou: "GIMP gifload.exe GIF file (image width)*(image height)==0 DOS vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]