GNOME Bugzilla – Bug 778604
CVE-2007-3126 - Gimp 2.3.14 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero,
Last modified: 2017-02-14 14:14:09 UTC
+++ This bug was initially created as a clone of Bug #773233 +++ Found this in the Debian Security tracker at https://security-tracker.debian.org/tracker/source-package/gimp https://security-tracker.debian.org/tracker/CVE-2007-3126 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3126 It's classified as unimportant, and I guess only the ICO plug-in crashes. I can't find any evidence of this ever being brought to our attention, nor being addressed by us. It is possible that current versions of GIMP still suffer from the issue. I couldn't find any test files attached to any of the messages referenced by the various threads and sites, either.
Let's get this fixed in gimp-2-8 as well, this will help to clear up the security tracker and NVD listing, among others.
Done: commit 323ecb73f7bf36788fb7066eb2d6678830cd5de7 Author: Michael Natterer <mitch@gimp.org> Date: Sun Nov 6 21:34:43 2016 +0100 Bug 773233 - CVE-2007-3126 - Gimp 2.3.14 allows context-dependent attackers... ...to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero Add some error handling to ico-load.c and bail out on zero width or height icons. Also some formatting cleanup. (cherry picked from commit 46bcd82800e37b0f5aead76184430ef2fe802748) plug-ins/file-ico/ico-load.c | 103 ++++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 62 insertions(+), 41 deletions(-)