Test ID: 1.3.6.1.4.1.25623.1.0.58906
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:0343
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2007:0343.

The GIMP (GNU Image Manipulation Program) is an image composition and
editing program.

Marsu discovered a stack overflow bug in The GIMP RAS file loader. An
attacker could create a carefully crafted file that could cause The GIMP to
crash or possibly execute arbitrary code if the file was opened by a
victim. (CVE-2007-2356)

For users of Red Hat Enterprise Linux 5, the previous GIMP packages had a
bug that concerned the execution order in which the symbolic links to
externally packaged GIMP plugins are installed and removed, causing the
symbolic links to vanish when the package is updated.

Users of The GIMP should update to these erratum packages which contain a
backported fix to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0343.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor: High

CVSS Score: 6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-2356
BugTraq ID: 23680
http://www.securityfocus.com/bid/23680
Bugtraq: 20070430 FLEA-2007-0015-1: gimp (Google Search)
http://www.securityfocus.com/archive/1/467231/100/0/threaded
Debian Security Information: DSA-1301 (Google Search)
http://www.debian.org/security/2007/dsa-1301
http://security.gentoo.org/glsa/glsa-200705-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10054
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5960
http://www.redhat.com/support/errata/RHSA-2007-0343.html
http://www.securitytracker.com/id?1018092
http://secunia.com/advisories/25012
http://secunia.com/advisories/25111
http://secunia.com/advisories/25167
http://secunia.com/advisories/25239
http://secunia.com/advisories/25346
http://secunia.com/advisories/25359
http://secunia.com/advisories/25466
http://secunia.com/advisories/25573
http://secunia.com/advisories/28114
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1
SuSE Security Announcement: SUSE-SR:2007:011 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html
http://www.ubuntu.com/usn/usn-467-1
http://www.vupen.com/english/advisories/2007/1560
http://www.vupen.com/english/advisories/2007/4241
XForce ISS Database: gimp-sunras-plugin-bo(33911)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33911
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
