Home > Vulnerability Database > CVE-2006-4519

Mend.io Vulnerability Database

CVE-2006-4519

Date: July 10, 2007

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.

Severity Score

5.6

Related Resources (31)

Url: http://osvdb.org/42140

Url: http://osvdb.org/42141

Url: http://osvdb.org/42142

Url: http://osvdb.org/42143

Url: http://www.securitytracker.com/id?1018349

Url: http://osvdb.org/42144

Url: http://osvdb.org/42145

Url: http://www.vupen.com/english/advisories/2007/2471

Url: https://access.redhat.com/security/cve/CVE-2006-4519

Url: http://www.securityfocus.com/bid/24835

Url: http://security.gentoo.org/glsa/glsa-200707-09.xml

Url: http://developer.gimp.org/NEWS-2.2

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:170

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-4519

Url: http://secunia.com/advisories/26240

Url: http://www.ubuntu.com/usn/usn-494-1

Url: http://www.debian.org/security/2007/dsa-1335

Url: http://issues.foresightlinux.org/browse/FL-457

Url: http://www.securityfocus.com/archive/1/475257/100/0/threaded

Url: http://osvdb.org/42139

Url: http://www.redhat.com/support/errata/RHSA-2007-0513.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/35308

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-4519

Url: http://bugzilla.gnome.org/show_bug.cgi?id=451379

Url: http://secunia.com/advisories/26939

Url: http://secunia.com/advisories/26575

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842

Url: http://secunia.com/advisories/26132

Url: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551

Url: http://secunia.com/advisories/26215

Url: https://www.mend.io/vulnerability-database/CVE-2006-4519

Severity Score

5.6

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-4519

Date: July 10, 2007

Severity Score

Related Resources (31)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?