Lucene search

[email protected]CVE-2007-3741

HistoryAug 27, 2007 - 5:17 p.m.

CVE-2007-3741

2007-08-2717:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

gimp

plugins

psp

bmp

pcx

psd

denial of service

remote attack

image files

6.5 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.

CPENameOperatorVersion
gnu:gimpgnu gimpeq*

CPE	Name	Operator	Version
gnu:gimp	gnu gimp	eq	*

References

osvdb.org/42128

osvdb.org/42129

osvdb.org/42130

osvdb.org/42131

secunia.com/advisories/26575

secunia.com/advisories/26939

www.mandriva.com/security/advisories?name=MDKSA-2007:170

www.redhat.com/support/errata/RHSA-2007-0513.html

www.securityfocus.com/bid/25424

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10099

6.5 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Related for CVE-2007-3741

prion1 ubuntucve1 cvelist1 debiancve1 veracode1 openvas3 nessus5 centos2 redhat1 oraclelinux1