
Test ID:1.3.6.1.4.1.25623.1.0.702813
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2813-1 (gimp - several vulnerabilities)
Summary:Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code.
Description:
Summary:
Murray McAllister discovered multiple integer and buffer overflows in the
XWD plugin in Gimp, which can result in the execution of arbitrary code.

Affected Software/OS:
gimp on Debian Linux

Solution:
For the oldstable distribution (squeeze), these problems have been fixed
in version 2.6.10-1+squeeze4. This update also fixes CVE-2012-3403,
CVE-2012-3481 and CVE-2012-5576.

For the stable distribution (wheezy), these problems have been fixed in
version 2.8.2-2+deb7u1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your gimp packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2012-3481
BugTraq ID: 55101
http://www.securityfocus.com/bid/55101
http://www.mandriva.com/security/advisories?name=MDVSA-2012:142
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082
https://bugzilla.novell.com/show_bug.cgi?id=776572
https://bugzilla.redhat.com/show_bug.cgi?id=847303
http://www.openwall.com/lists/oss-security/2012/08/20/8
RedHat Security Advisories: RHSA-2012:1180
http://rhn.redhat.com/errata/RHSA-2012-1180.html
RedHat Security Advisories: RHSA-2012:1181
http://rhn.redhat.com/errata/RHSA-2012-1181.html
http://www.securitytracker.com/id?1027411
http://secunia.com/advisories/50296
SuSE Security Announcement: SUSE-SU-2012:1038
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00023.html
SuSE Security Announcement: openSUSE-SU-2012:1080
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
SuSE Security Announcement: openSUSE-SU-2012:1131
http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
http://www.ubuntu.com/usn/USN-1559-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-5576
BugTraq ID: 56647
http://www.securityfocus.com/bid/56647
http://www.openwall.com/lists/oss-security/2012/11/27/1
http://secunia.com/advisories/51479
http://secunia.com/advisories/51528
SuSE Security Announcement: openSUSE-SU-2012:1623
http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html
SuSE Security Announcement: openSUSE-SU-2013:0123
http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html
http://www.ubuntu.com/usn/USN-1659-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1978
BugTraq ID: 64098
http://www.securityfocus.com/bid/64098
Debian Security Information: DSA-2813
http://www.debian.org/security/2013/dsa-2813
https://security.gentoo.org/glsa/201603-01
RedHat Security Advisories: RHSA-2013:1778
http://rhn.redhat.com/errata/RHSA-2013-1778.html
http://www.ubuntu.com/usn/USN-2051-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1913
BugTraq ID: 64105
http://www.securityfocus.com/bid/64105
Common Vulnerability Exposure (CVE) ID: CVE-2012-3403
https://bugzilla.redhat.com/show_bug.cgi?id=839020
http://www.openwall.com/lists/oss-security/2012/08/20/7
SuSE Security Announcement: SUSE-SU-2012:1029
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00020.html
Copyright:Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

© 1998-2020 E-Soft Inc. All rights reserved.