Executive Summary

Summary
Title : gimp security update
Information
Name : DSA-2426
First vendor Publication : 2012-03-06
Vendor : Debian
Last vendor Modification : 2012-03-06
Severity (Vendor) : N/A
Revision : 1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score : 9.3
Attack Range : Network
Cvss Impact Score : 10
Attack Complexity : Medium
Cvss Exploit Score : 8.6
Authentication : None Required

Detail

Several vulnerabilities have been identified in GIMP, the GNU Image Manipulation Program.

CVE-2010-4540 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file.

CVE-2010-4541 Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file.

CVE-2010-4542 Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in the GFIG plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file.

CVE-2010-4543 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image.

CVE-2011-1782 The correction for CVE-2010-4543 was incomplete.

CVE-2011-2896 The LZW decompressor in the LZWReadByte function in plug-ins/common/file-gif-load.c does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream.



For the stable distribution (squeeze), these problems have been fixed in version 2.6.10-1+squeeze3.

For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 2.6.11-5.

We recommend that you upgrade your gimp packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2426

CWE : Common Weakness Enumeration

id : CWE-119
Name : Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21949
 
Oval ID: oval:org.mitre.oval:def:21949
Title: RHSA-2011:0839: gimp security update (Moderate)
Description: Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): RHSA-2011:0839-01
CVE-2010-4540
CVE-2010-4541
CVE-2010-4542
CVE-2010-4543
Version: 55
Platform(s): Red Hat Enterprise Linux 6
Product(s): gimp
Definition Id: oval:org.mitre.oval:def:23689
 
Oval ID: oval:org.mitre.oval:def:23689
Title: ELSA-2011:0839: gimp security update (Moderate)
Description: Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2011:0839-01
CVE-2010-4540
CVE-2010-4541
CVE-2010-4542
CVE-2010-4543
Version: 18
Platform(s): Oracle Linux 6
Product(s):
Definition Id: oval:org.mitre.oval:def:21320
 
Oval ID: oval:org.mitre.oval:def:21320
Title: RHSA-2012:0302: cups security and bug fix update (Low)
Description: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
Family: unix Class: patch
Reference(s): RHSA-2012:0302-03
CVE-2011-2896
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Product(s): cups
Definition Id: oval:org.mitre.oval:def:23080
 
Oval ID: oval:org.mitre.oval:def:23080
Title: ELSA-2012:0302: cups security and bug fix update (Low)
Description: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
Family: unix Class: patch
Reference(s): ELSA-2012:0302-03
CVE-2011-2896
Version: 3
Platform(s): Oracle Linux 5
Product(s):

CPE : Common Platform Enumeration

Type : Application, Count : 91
Type : Application, Count : 1
Type : Application, Count : 47
Type : Application, Count : 38

OpenVAS Exploits

Date, Description
2012-10-03 Name : Gentoo Security Advisory GLSA 201209-23 (gimp)
File : nvt/glsa_201209_23.nasl
2012-08-21 Name : RedHat Update for gimp RHSA-2012:1180-01
File : nvt/gb_RHSA-2012_1180-01_gimp.nasl
2012-08-21 Name : RedHat Update for gimp RHSA-2012:1181-01
File : nvt/gb_RHSA-2012_1181-01_gimp.nasl
2012-08-21 Name : CentOS Update for gimp CESA-2012:1180 centos6
File : nvt/gb_CESA-2012_1180_gimp_centos6.nasl
2012-08-21 Name : CentOS Update for gimp CESA-2012:1181 centos5
File : nvt/gb_CESA-2012_1181_gimp_centos5.nasl
2012-07-30 Name : CentOS Update for gimp CESA-2011:0837 centos4 x86_64
File : nvt/gb_CESA-2011_0837_gimp_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for gimp CESA-2011:0838 centos5 x86_64
File : nvt/gb_CESA-2011_0838_gimp_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for cups RHSA-2011:1635-03
File : nvt/gb_RHSA-2011_1635-03_cups.nasl
2012-06-06 Name : RedHat Update for gimp RHSA-2011:0839-01
File : nvt/gb_RHSA-2011_0839-01_gimp.nasl
2012-04-02 Name : Fedora Update for gimp FEDORA-2011-10761
File : nvt/gb_fedora_2011_10761_gimp_fc16.nasl
2012-04-02 Name : Fedora Update for cups FEDORA-2011-11173
File : nvt/gb_fedora_2011_11173_cups_fc16.nasl
2012-04-02 Name : Fedora Update for pl FEDORA-2011-11229
File : nvt/gb_fedora_2011_11229_pl_fc16.nasl
2012-03-12 Name : Debian Security Advisory DSA 2426-1 (gimp)
File : nvt/deb_2426_1.nasl
2012-02-21 Name : RedHat Update for cups RHSA-2012:0302-03
File : nvt/gb_RHSA-2012_0302-03_cups.nasl
2012-02-12 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD14.nasl
2012-02-11 Name : Debian Security Advisory DSA 2354-1 (cups)
File : nvt/deb_2354_1.nasl
2011-11-08 Name : Mandriva Update for gimp MDVSA-2011:167 (gimp)
File : nvt/gb_mandriva_MDVSA_2011_167.nasl
2011-10-21 Name : Mandriva Update for libxfont MDVSA-2011:153 (libxfont)
File : nvt/gb_mandriva_MDVSA_2011_153.nasl
2011-10-14 Name : Mandriva Update for cups MDVSA-2011:146 (cups)
File : nvt/gb_mandriva_MDVSA_2011_146.nasl
2011-09-23 Name : Ubuntu Update for gimp USN-1214-1
File : nvt/gb_ubuntu_USN_1214_1.nasl
2011-09-21 Name : FreeBSD Ports: libXfont
File : nvt/freebsd_libXfont.nasl
2011-09-16 Name : Ubuntu Update for cups USN-1207-1
File : nvt/gb_ubuntu_USN_1207_1.nasl
2011-09-12 Name : Fedora Update for cups FEDORA-2011-11221
File : nvt/gb_fedora_2011_11221_cups_fc14.nasl
2011-09-12 Name : Fedora Update for pl FEDORA-2011-11305
File : nvt/gb_fedora_2011_11305_pl_fc15.nasl
2011-09-12 Name : Fedora Update for pl FEDORA-2011-11318
File : nvt/gb_fedora_2011_11318_pl_fc14.nasl
2011-08-31 Name : Fedora Update for cups FEDORA-2011-11197
File : nvt/gb_fedora_2011_11197_cups_fc15.nasl
2011-08-27 Name : Fedora Update for gimp FEDORA-2011-10782
File : nvt/gb_fedora_2011_10782_gimp_fc14.nasl
2011-08-24 Name : Fedora Update for gimp FEDORA-2011-10788
File : nvt/gb_fedora_2011_10788_gimp_fc15.nasl
2011-08-09 Name : CentOS Update for gimp CESA-2011:0838 centos5 i386
File : nvt/gb_CESA-2011_0838_gimp_centos5_i386.nasl
2011-06-20 Name : Ubuntu Update for gimp USN-1147-1
File : nvt/gb_ubuntu_USN_1147_1.nasl
2011-06-10 Name : Fedora Update for gimp FEDORA-2011-7393
File : nvt/gb_fedora_2011_7393_gimp_fc14.nasl
2011-06-10 Name : Fedora Update for gimp FEDORA-2011-7397
File : nvt/gb_fedora_2011_7397_gimp_fc13.nasl
2011-06-06 Name : CentOS Update for gimp CESA-2011:0837 centos4 i386
File : nvt/gb_CESA-2011_0837_gimp_centos4_i386.nasl
2011-06-06 Name : RedHat Update for gimp RHSA-2011:0837-01
File : nvt/gb_RHSA-2011_0837-01_gimp.nasl
2011-06-06 Name : RedHat Update for gimp RHSA-2011:0838-01
File : nvt/gb_RHSA-2011_0838-01_gimp.nasl
2011-06-03 Name : Mandriva Update for gimp MDVSA-2011:103 (gimp)
File : nvt/gb_mandriva_MDVSA_2011_103.nasl
2011-04-19 Name : Ubuntu Update for gimp vulnerabilities USN-1109-1
File : nvt/gb_ubuntu_USN_1109_1.nasl

Open Source Vulnerability Database (OSVDB)

id, Description
74539 : GIMP plug-ins/common/file-gif-load.c LZWReadByte() Function GIF File Handling...
70284 : GIMP plug-ins/common/file-psp.c read_channel_data() Function Overflow
70283 : GIMP plug-ins/gfig/gfig-style.c gfig_read_parameter_gimp_rgb() Function Overflow
70282 : GIMP plug-ins/lighting/lighting-ui.c load_preset_response() Function Overflow
70281 : GIMP plug-ins/common/sphere-designer.c loadit() Function Overflow

Nessus® Vulnerability Scanner

Date, Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0302.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0837.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0838.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0839.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1180.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1181.nasl - Type : ACT_GATHER_INFO
2013-06-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0838.nasl - Type : ACT_GATHER_INFO
2012-09-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-23.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-147.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1180.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1181.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120820_gimp_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120820_gimp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1180.nasl - Type : ACT_GATHER_INFO
2012-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1181.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120221_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_gimp_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_gimp_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_gimp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111206_cups_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-03-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2426.nasl - Type : ACT_GATHER_INFO
2012-02-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0302.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_gimp-7543.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_gimp-7776.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_gimp-110923.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cups-110921.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cups-7775.nasl - Type : ACT_GATHER_INFO
2011-12-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1635.nasl - Type : ACT_GATHER_INFO
2011-12-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2354.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-167.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cups-7774.nasl - Type : ACT_GATHER_INFO
2011-10-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-153.nasl - Type : ACT_GATHER_INFO
2011-10-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-146.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1214-1.nasl - Type : ACT_GATHER_INFO
2011-09-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1207-1.nasl - Type : ACT_GATHER_INFO
2011-09-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11221.nasl - Type : ACT_GATHER_INFO
2011-09-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11229.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11305.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11318.nasl - Type : ACT_GATHER_INFO
2011-08-31 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11173.nasl - Type : ACT_GATHER_INFO
2011-08-29 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11197.nasl - Type : ACT_GATHER_INFO
2011-08-29 Name : The remote print service is affected by a buffer overflow vulnerability.
File : cups_1_4_7.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10782.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10761.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10788.nasl - Type : ACT_GATHER_INFO
2011-06-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1147-1.nasl - Type : ACT_GATHER_INFO
2011-06-09 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7397.nasl - Type : ACT_GATHER_INFO
2011-06-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_gimp-110531.nasl - Type : ACT_GATHER_INFO
2011-06-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7393.nasl - Type : ACT_GATHER_INFO
2011-06-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0837.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0837.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0838.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0839.nasl - Type : ACT_GATHER_INFO
2011-05-31 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7371.nasl - Type : ACT_GATHER_INFO
2011-05-31 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-103.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote SuSE system is missing a security patch for gimp
File : suse_11_2_gimp-110217.nasl - Type : ACT_GATHER_INFO
2011-04-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1109-1.nasl - Type : ACT_GATHER_INFO
2011-03-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_gimp-7374.nasl - Type : ACT_GATHER_INFO
2011-03-11 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_gimp-110307.nasl - Type : ACT_GATHER_INFO

Alert History

Date, Information
2014-02-17 11:30:53 : Multiple Updates