Executive Summary
Summary | |
---|---|
Title | Updated gimp packages fix input data validation issues in several plugins |
Informations | |||
---|---|---|---|
Name | MDKSA-2007:170 | First vendor Publication | 2007-08-23 |
Vendor | Mandriva | Last vendor Modification | 2007-08-23 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. (CVE-2006-4519) Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. (CVE-2007-2949) Victor Stinner has discovered several flaws in file plug-ins using his fuzzyfier tool fusil. Several modified image files cause the plug-ins to crash or consume excessive amounts of memory due to insufficient input validation. Affected plug-ins: bmp, pcx, psd, psp (*.tub). (CVE-2007-3741) Updated packages have been patched to prevent these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10099 | |||
Oval ID: | oval:org.mitre.oval:def:10099 | ||
Title: | The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool. | ||
Description: | The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3741 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10842 | |||
Oval ID: | oval:org.mitre.oval:def:10842 | ||
Title: | Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. | ||
Description: | Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-4519 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11276 | |||
Oval ID: | oval:org.mitre.oval:def:11276 | ||
Title: | Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | ||
Description: | Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2949 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19721 | |||
Oval ID: | oval:org.mitre.oval:def:19721 | ||
Title: | DSA-1335-1 gimp | ||
Description: | Several remote vulnerabilities have been discovered in Gimp, the GNU Image Manipulation Program, which might lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1335-1 CVE-2006-4519 CVE-2007-2949 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gimp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21780 | |||
Oval ID: | oval:org.mitre.oval:def:21780 | ||
Title: | ELSA-2007:0513: gimp security update (Moderate) | ||
Description: | The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0513-02 CVE-2006-4519 CVE-2007-2949 CVE-2007-3741 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | gimp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5772 | |||
Oval ID: | oval:org.mitre.oval:def:5772 | ||
Title: | PSD Plugin of Gimp vulnerability | ||
Description: | Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2949 | Version: | 1 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-09-23 | Name : Solaris Update for GNOME 2.6.0 122212-33 File : nvt/gb_solaris_122212_33.nasl |
2009-09-23 | Name : Solaris Update for GNOME Desktop 122213-33 File : nvt/gb_solaris_122213_33.nasl |
2009-06-03 | Name : Solaris Update for GNOME 2.6.0 122212-32 File : nvt/gb_solaris_122212_32.nasl |
2009-06-03 | Name : Solaris Update for GNOME Desktop 122213-32 File : nvt/gb_solaris_122213_32.nasl |
2009-04-09 | Name : Mandriva Update for gimp MDKSA-2007:170 (gimp) File : nvt/gb_mandriva_MDKSA_2007_170.nasl |
2009-03-23 | Name : Ubuntu Update for gimp vulnerability USN-480-1 File : nvt/gb_ubuntu_USN_480_1.nasl |
2009-03-23 | Name : Ubuntu Update for gimp vulnerability USN-494-1 File : nvt/gb_ubuntu_USN_494_1.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-09 (gimp) File : nvt/glsa_200707_09.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1335-1 (gimp) File : nvt/deb_1335_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-222-01 gimp File : nvt/esoft_slk_ssa_2007_222_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42145 | GIMP XWD Plugin Crafted Image Length Value Handling Overflow |
42144 | GIMP XBM Plugin Crafted Image Length Value Handling Overflow |
42143 | GIMP Sun RAS Plugin Crafted Image Length Value Handling Overflow |
42142 | GIMP PSP Plugin Crafted Image Length Value Handling Overflow |
42141 | GIMP PSD Plugin Crafted Image Length Value Handling Overflow |
42140 | GIMP PNM Plugin Crafted Image Length Value Handling Overflow |
42139 | GIMP DICOM Plugin Crafted Image Length Value Handling Overflow |
42131 | GIMP PSD Plugin Crafted Image File Handling DoS |
42130 | GIMP PCX Plugin Crafted Image File Handling DoS |
42129 | GIMP BMP Plugin Crafted Image File Handling DoS |
42128 | GIMP PSP Plugin Crafted .tub Image File Handling DoS |
37804 | GIMP psd.c seek_to_and_unpack_pixeldata Function PSD Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0513.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070926_gimp_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gimp-3962.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gimp-3993.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-480-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-494-1.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_gimp-3949.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_gimp-3995.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0513.nasl - Type : ACT_GATHER_INFO |
2007-09-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0513.nasl - Type : ACT_GATHER_INFO |
2007-08-28 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-170.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-222-01.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-09.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1335.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:50 |
|