6.5 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.021 Low
EPSS
Percentile
89.2%
The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.
osvdb.org/42128
osvdb.org/42129
osvdb.org/42130
osvdb.org/42131
secunia.com/advisories/26575
secunia.com/advisories/26939
www.mandriva.com/security/advisories?name=MDKSA-2007:170
www.redhat.com/support/errata/RHSA-2007-0513.html
www.securityfocus.com/bid/25424
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10099