Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.
openSUSE 11.0 openSUSE 11.1 openSUSE 11.2 SUSE Linux Enterprise 11 Moblin 2.0 SUSE Linux Enterprise 11 Moblin 2.1 SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP3 for x86 SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise SDK 11 GA