Vulnerability in Gimp image processing software
Secunia has reported a security vulnerability in Gimp, the widely used open source image processing software, which may allow a PC to be compromised using crafted images. However, the security service provider's advisory is quite vague on the matter. Current information suggests that exploits will probably only cause the application to crash.
According to the security advisory, the vulnerability is located in the function seek_to_and_unpack_pixeldata in the file plug-ins/common/psd.c, which processes images in Adobe Photoshop PSD format. When a PSD file with extremely large width or height values is opened, a heap overflow occurs which could allow code to be injected and executed with the privileges of the logged-in user: under Windows unfortunately mostly administrator privileges, and under Unix and Mac OS X generally restricted privileges.
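The advisory title names an integer overflow, the usual way oversized dimensions turn into an undersized heap buffer. The following is an added example, not Gimp's code or its fix: it contrasts an unchecked 32-bit size calculation with a checked one. The function names, the 1 GiB cap and the header values are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy limit for this example: refuse buffers above 1 GiB. */
#define MAX_PIXEL_BYTES ((uint64_t)1 << 30)

/* Unchecked 32-bit arithmetic: the product silently wraps modulo 2^32,
 * so huge dimensions can yield a tiny allocation size. */
uint32_t unchecked_size32(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked version: returns 0 and stores the size, or -1 if a value is
 * zero, the product would overflow, or the cap is exceeded. */
int checked_pixel_size(uint32_t width, uint32_t height, uint32_t bpp,
                       size_t *out)
{
    uint64_t row_bytes;

    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    row_bytes = (uint64_t)width * bpp;       /* two 32-bit factors fit in 64 bits */
    if (row_bytes > MAX_PIXEL_BYTES)
        return -1;
    if (height > MAX_PIXEL_BYTES / row_bytes) /* divide instead of multiplying */
        return -1;
    *out = (size_t)(row_bytes * height);      /* now known to be <= the cap */
    return 0;
}

int main(void)
{
    size_t n = 0;
    /* Constructed header values, not taken from any real file. */
    uint32_t w = 65536, h = 65536, bpp = 4;

    printf("unchecked: %u bytes\n", (unsigned)unchecked_size32(w, h, bpp));
    printf("checked:   %s\n",
           checked_pixel_size(w, h, bpp, &n) == 0 ? "accepted" : "rejected");
    return 0;
}
```

A loader that allocates from the unchecked result and then writes width × height pixels runs past the end of the heap block; validating the dimensions before allocation rejects the file instead.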
According to Secunia, the current stable version 2.2.15 for Windows, Unix and Mac OS X is affected, and previous versions probably are too. The vulnerability has already been eliminated in the developers' Subversion repositories, but a new Gimp version is not yet available. Users who don't want to compile Gimp themselves should wait until a new version is released before processing PSD files from unknown sources.
- Gimp PSD Plugin Integer Overflow Vulnerability, security advisory from Secunia
- A heap of a risk, buffer overflows on the heap and how to exploit them, background article on heise Security