Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57097
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2006:0598
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0598.

The GIMP (GNU Image Manipulation Program) is an image composition and
editing program.

Henning Makholm discovered a buffer overflow bug in The GIMP XCF file
loader. An attacker could create a carefully crafted image that could
execute arbitrary code if opened by a victim. (CVE-2006-3404)

Please note that this issue did not affect the gimp packages in Red Hat
Enterprise Linux 2.1, or 3.

Users of The GIMP should update to these erratum packages which contain a
backported fix to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0598.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : High

CVSS Score:
5.1

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3404
BugTraq ID: 18877
http://www.securityfocus.com/bid/18877
Bugtraq: 20060724 ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/441012/100/0/threaded
Bugtraq: 20060724 Re: [ GLSA 200607-08 ] GIMP: Buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/440987/100/0/threaded
Bugtraq: 20060724 rPSA-2006-0135-1 gimp (Google Search)
http://www.securityfocus.com/archive/1/441030/100/0/threaded
Debian Security Information: DSA-1116 (Google Search)
http://www.debian.org/security/2006/dsa-1116
http://security.gentoo.org/glsa/glsa-200607-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:127
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049
http://www.osvdb.org/27037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11259
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5908
http://www.redhat.com/support/errata/RHSA-2006-0598.html
http://securitytracker.com/id?1016527
http://secunia.com/advisories/20976
http://secunia.com/advisories/20979
http://secunia.com/advisories/21069
http://secunia.com/advisories/21104
http://secunia.com/advisories/21170
http://secunia.com/advisories/21182
http://secunia.com/advisories/21198
http://secunia.com/advisories/21459
http://secunia.com/advisories/23044
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102720-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200070-1
SuSE Security Announcement: SUSE-SR:2006:019 (Google Search)
http://www.novell.com/linux/security/advisories/2006_19_sr.html
http://www.ubuntu.com/usn/usn-312-1
http://www.vupen.com/english/advisories/2006/2703
http://www.vupen.com/english/advisories/2006/4634
XForce ISS Database: gimp-xcfloadvector-bo(27687)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27687
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.