CVE-2007-3126

{"id": "CVE-2007-3126", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-06-08T00:30:00.000", "references": [{"url": "http://osvdb.org/43453", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/470751/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.gnome.org/show_bug.cgi?id=778604", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34789", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/43453", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/470751/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.gnome.org/show_bug.cgi?id=778604", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34789", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237."}, {"lang": "es", "value": "Gimp anterior a la versi\u00f3n 2.8.22 permite a los atacantes dependiendo del contexto causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo ICO con un InfoHeader que contiene una altura de cero, este es un problema similar al CVE-2007-2237."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C488890-3699-42F7-983D-8CB9D0396F16", "versionEndExcluding": "2.8.22"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Mandriva does not consider a user-assisted crash of an end-user application such as the GIMP to be a security issue.", "lastModified": "2007-09-17T00:00:00", "organization": "Mandriva"}, {"comment": "Red Hat does not consider a user-assisted crash of a user application such as GIMP to be a security issue.", "lastModified": "2007-06-29T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}