CVE-2006-3404
EPSS 1.9%
gimp - buffer overflow
Published: 7/6/2006
Modified: 4/28/2026
Also known as: DEBIAN-CVE-2006-3404
Description
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
Affected packages (2)
- Debian/gimp from 0, < 2.2.11-3.1
- Debian/gimp from 0, < 2.2.6-1sarge1