{"id": "DEBIAN_DLA-525.NASL", "bulletinFamily": "scanner", "title": "Debian DLA-525-1 : gimp security update", "description": "It was discovered that there was a use-after-free vulnerability in the\nchannel and layer properties parsing process in Gimp, the GNU Image\nManipulation Program.\n\nFor Debian 7 'Wheezy', this issue has been fixed in gimp version\n2.8.2-2+deb7u2.\n\nWe recommend that you upgrade your gimp packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "published": "2016-06-27T00:00:00", "modified": "2016-06-27T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/91831", "reporter": "This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.", "references": ["https://lists.debian.org/debian-lts-announce/2016/06/msg00026.html", "https://packages.debian.org/source/wheezy/gimp"], "cvelist": ["CVE-2016-4994"], "type": "nessus", "lastseen": "2021-01-12T09:43:52", "edition": 17, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-4994"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310808557", "OPENVAS:1361412562311220192021", "OPENVAS:1361412562310808559", "OPENVAS:1361412562310808884", "OPENVAS:1361412562310871699", "OPENVAS:1361412562311220161075", "OPENVAS:703612", "OPENVAS:1361412562310703612", "OPENVAS:1361412562310842822", "OPENVAS:1361412562311220192471"]}, {"type": "centos", "idList": ["CESA-2016:2589"]}, {"type": "fedora", "idList": ["FEDORA:B7731608799F", "FEDORA:B75DA605DFD0", "FEDORA:051886075EEB"]}, {"type": "redhat", "idList": ["RHSA-2016:2589"]}, {"type": "kaspersky", "idList": ["KLA10860"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3612-1:DCB79", "DEBIAN:DLA-525-1:5560A"]}, {"type": "freebsd", "idList": ["6FB8A90F-C9D5-4D14-B940-AED3D63C2EDC"]}, {"type": "archlinux", "idList": ["ASA-201607-5"]}, {"type": "ubuntu", "idList": ["USN-3025-1"]}, {"type": "slackware", "idList": ["SSA-2016-203-01"]}, {"type": "nessus", "idList": ["FEDORA_2016-20DB5E796B.NASL", "REDHAT-RHSA-2016-2589.NASL", "FREEBSD_PKG_6FB8A90FC9D54D14B940AED3D63C2EDC.NASL", "SLACKWARE_SSA_2016-203-01.NASL", "DEBIAN_DSA-3612.NASL", "CENTOS_RHSA-2016-2589.NASL", "EULEROS_SA-2016-1075.NASL", "FEDORA_2016-ACBD6A75F3.NASL", "FEDORA_2016-6122983949.NASL", "EULEROS_SA-2019-2471.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2589"]}], "modified": "2021-01-12T09:43:52", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-01-12T09:43:52", "rev": 2}, "vulnersScore": 5.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-525-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91831);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4994\");\n\n script_name(english:\"Debian DLA-525-1 : gimp security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a use-after-free vulnerability in the\nchannel and layer properties parsing process in Gimp, the GNU Image\nManipulation Program.\n\nFor Debian 7 'Wheezy', this issue has been fixed in gimp version\n2.8.2-2+deb7u2.\n\nWe recommend that you upgrade your gimp packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/06/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/gimp\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gimp-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gimp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgimp2.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgimp2.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgimp2.0-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"gimp\", reference:\"2.8.2-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gimp-data\", reference:\"2.8.2-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gimp-dbg\", reference:\"2.8.2-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgimp2.0\", reference:\"2.8.2-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgimp2.0-dev\", reference:\"2.8.2-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgimp2.0-doc\", reference:\"2.8.2-2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "91831", "cpe": ["p-cpe:/a:debian:debian_linux:gimp", "p-cpe:/a:debian:debian_linux:gimp-dbg", "p-cpe:/a:debian:debian_linux:gimp-data", "p-cpe:/a:debian:debian_linux:libgimp2.0-doc", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libgimp2.0", "p-cpe:/a:debian:debian_linux:libgimp2.0-dev"], "scheme": null, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}

{"cve": [{"lastseen": "2020-12-09T20:07:39", "description": "Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.\n<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-12T19:59:00", "title": "CVE-2016-4994", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4994"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/a:gimp:gimp:2.8.16"], "id": "CVE-2016-4994", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4994", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gimp:gimp:2.8.16:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:54:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "Shmuel H discovered that GIMP, the GNU\nImage Manipulation Program, is prone to a use-after-free vulnerability in the channel\nand layer properties parsing process when loading a XCF file. An attacker can take\nadvantage of this flaw to potentially execute arbitrary code with the\nprivileges of the user running GIMP if a specially crafted XCF file is\nprocessed.", "modified": "2017-07-07T00:00:00", "published": "2016-07-01T00:00:00", "id": "OPENVAS:703612", "href": "http://plugins.openvas.org/nasl.php?oid=703612", "type": "openvas", "title": "Debian Security Advisory DSA 3612-1 (gimp - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3612.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3612-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703612);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-4994\");\n script_name(\"Debian Security Advisory DSA 3612-1 (gimp - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-07-01 00:00:00 +0200 (Fri, 01 Jul 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3612.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"gimp on Debian Linux\");\n script_tag(name: \"insight\", value: \"GIMP is an advanced picture editor.\nYou can use it to edit, enhance, and retouch photos and scans, create drawings,\nand make your own images. It has a large collection of professional-level editing\ntools and filters, similar to the ones you might find in Photoshop. Numerous\nfine-control settings and features like layers, paths, masks, and\nscripting give you total control over your images.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), this\nproblem has been fixed in version 2.8.14-1+deb8u1.\n\nWe recommend that you upgrade your gimp packages.\");\n script_tag(name: \"summary\", value: \"Shmuel H discovered that GIMP, the GNU\nImage Manipulation Program, is prone to a use-after-free vulnerability in the channel\nand layer properties parsing process when loading a XCF file. An attacker can take\nadvantage of this flaw to potentially execute arbitrary code with the\nprivileges of the user running GIMP if a specially crafted XCF file is\nprocessed.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.8.14-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-01-27T18:36:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192471", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gimp (EulerOS-SA-2019-2471)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2471\");\n script_version(\"2020-01-23T13:00:34+0000\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:00:34 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:00:34 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gimp (EulerOS-SA-2019-2471)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2471\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2471\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gimp' package(s) announced via the EulerOS-SA-2019-2471 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.(CVE-2016-4994)\");\n\n script_tag(name:\"affected\", value:\"'gimp' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.10~3.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.8.10~3.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "Shmuel H discovered that GIMP, the GNU\nImage Manipulation Program, is prone to a use-after-free vulnerability in the channel\nand layer properties parsing process when loading a XCF file. An attacker can take\nadvantage of this flaw to potentially execute arbitrary code with the\nprivileges of the user running GIMP if a specially crafted XCF file is\nprocessed.", "modified": "2019-03-18T00:00:00", "published": "2016-07-01T00:00:00", "id": "OPENVAS:1361412562310703612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703612", "type": "openvas", "title": "Debian Security Advisory DSA 3612-1 (gimp - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3612.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3612-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703612\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-4994\");\n script_name(\"Debian Security Advisory DSA 3612-1 (gimp - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-01 00:00:00 +0200 (Fri, 01 Jul 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3612.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"gimp on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), this\nproblem has been fixed in version 2.8.14-1+deb8u1.\n\nWe recommend that you upgrade your gimp packages.\");\n script_tag(name:\"summary\", value:\"Shmuel H discovered that GIMP, the GNU\nImage Manipulation Program, is prone to a use-after-free vulnerability in the channel\nand layer properties parsing process when loading a XCF file. An attacker can take\nadvantage of this flaw to potentially execute arbitrary code with the\nprivileges of the user running GIMP if a specially crafted XCF file is\nprocessed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.8.14-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-07-06T00:00:00", "id": "OPENVAS:1361412562310842822", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842822", "type": "openvas", "title": "Ubuntu Update for gimp USN-3025-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for gimp USN-3025-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842822\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-06 05:25:51 +0200 (Wed, 06 Jul 2016)\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for gimp USN-3025-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that GIMP incorrectly\n handled malformed XCF files. If a user were tricked into opening a specially\n crafted XCF file, an attacker could cause GIMP to crash, or possibly execute\n arbitrary code with the user's privileges.\");\n script_tag(name:\"affected\", value:\"gimp on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3025-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3025-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.8.10-0ubuntu1.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.12-1ubuntu1.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.8.14-1ubuntu2.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161075", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gimp, gimp-help (EulerOS-SA-2016-1075)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1075\");\n script_version(\"2020-01-23T10:42:14+0000\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:42:14 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:42:14 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gimp, gimp-help (EulerOS-SA-2016-1075)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1075\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1075\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gimp, gimp-help' package(s) announced via the EulerOS-SA-2016-1075 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files.An attacker could create a specially crafted XCF file which could cause GIMP to crash. (CVE-2016-4994)\");\n\n script_tag(name:\"affected\", value:\"'gimp, gimp-help' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.10~3.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.8.10~3.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp-help\", rpm:\"gimp-help~2.8.2~1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808559", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2016-20db5e796b", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2016-20db5e796b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808559\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:20:50 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gimp FEDORA-2016-20db5e796b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gimp on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-20db5e796b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KKEYGE7D2BF645BHI7F52EZHXP2N4UCN\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.16~2.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808557", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808557", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2016-6122983949", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2016-6122983949\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808557\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:20:00 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gimp FEDORA-2016-6122983949\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gimp on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-6122983949\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VFHJ2FVKWIMYXGK7XY35JDWPRLMV7QT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.16~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-11-04T00:00:00", "id": "OPENVAS:1361412562310871699", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871699", "type": "openvas", "title": "RedHat Update for gimp RHSA-2016:2589-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gimp RHSA-2016:2589-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871699\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-04 05:42:21 +0100 (Fri, 04 Nov 2016)\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for gimp RHSA-2016:2589-02\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The GIMP (GNU Image Manipulation Program)\nis an image composition and editing program. GIMP provides a large image\nmanipulation toolbox, including channel operations and layers, effects, sub-pixel\nimaging and anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version: gimp\n(2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es):\n\n * Multiple use-after-free vulnerabilities were found in GIMP in the channel\nand layer properties parsing process when loading XCF files. An attacker\ncould create a specially crafted XCF file which could cause GIMP to crash.\n(CVE-2016-4994)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\");\n script_tag(name:\"affected\", value:\"gimp on\n Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2589-02\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-November/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp-help\", rpm:\"gimp-help~2.8.2~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.16~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-debuginfo\", rpm:\"gimp-debuginfo~2.8.16~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.8.16~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310808884", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808884", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2016-acbd6a75f3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2016-acbd6a75f3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808884\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:56:49 +0530 (Tue, 02 Aug 2016)\");\n script_cve_id(\"CVE-2016-4994\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gimp FEDORA-2016-acbd6a75f3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gimp on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-acbd6a75f3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JNF32YDTGBS6NZPDPFJ7R3IWDVCZO7XD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.16~2.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12713", "CVE-2016-4994"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192021", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192021", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gimp (EulerOS-SA-2019-2021)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2021\");\n script_version(\"2020-01-23T12:31:09+0000\");\n script_cve_id(\"CVE-2016-4994\", \"CVE-2018-12713\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:31:09 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:31:09 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gimp (EulerOS-SA-2019-2021)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2021\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2021\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gimp' package(s) announced via the EulerOS-SA-2019-2021 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files.An attacker could create a specially crafted XCF file which could cause GIMP to crash. (CVE-2016-4994)\n\nGIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was intended to be private.(CVE-2018-12713)\");\n\n script_tag(name:\"affected\", value:\"'gimp' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.8.10~3.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.8.10~3.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:24:50", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "**CentOS Errata and Security Advisory** CESA-2016:2589\n\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version: gimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es):\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files. An attacker could create a specially crafted XCF file which could cause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-November/003202.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-November/003594.html\n\n**Affected packages:**\ngimp\ngimp-devel\ngimp-devel-tools\ngimp-help\ngimp-help-ca\ngimp-help-da\ngimp-help-de\ngimp-help-el\ngimp-help-en_GB\ngimp-help-es\ngimp-help-fr\ngimp-help-it\ngimp-help-ja\ngimp-help-ko\ngimp-help-nl\ngimp-help-nn\ngimp-help-pt_BR\ngimp-help-ru\ngimp-help-sl\ngimp-help-sv\ngimp-help-zh_CN\ngimp-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2589.html", "edition": 3, "modified": "2016-11-25T15:57:43", "published": "2016-11-25T15:25:34", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003202.html", "id": "CESA-2016:2589", "title": "gimp security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:19", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "Package : gimp\nVersion : 2.8.2-2+deb7u2\nCVE ID : CVE-2016-4994\n\nIt was discovered that there was a use-after-free vulnerability\nin the channel and layer properties parsing process in Gimp, the\nGNU Image Manipulation Program.\n\nFor Debian 7 &quot;Wheezy&quot;, this issue has been fixed in gimp version\n2.8.2-2+deb7u2.\n\nWe recommend that you upgrade your gimp packages.\n\n\nRegards,\n\n- -- \n ,&#x27;&#x27;`.\n : :&#x27; : Chris Lamb\n `. `&#x27;` lamby@debian.org / chris-lamb.co.uk\n `-\n\n", "edition": 3, "modified": "2016-06-25T15:58:34", "published": "2016-06-25T15:58:34", "id": "DEBIAN:DLA-525-1:5560A", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201606/msg00026.html", "title": "[SECURITY] [DLA 525-1] gimp security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:02:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3612-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 01, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : gimp\nCVE ID : CVE-2016-4994\nDebian Bug : 828179\n\nShmuel H discovered that GIMP, the GNU Image Manipulation Program, is\nprone to a use-after-free vulnerability in the channel and layer\nproperties parsing process when loading a XCF file. An attacker can take\nadvantage of this flaw to potentially execute arbitrary code with the\nprivileges of the user running GIMP if a specially crafted XCF file is\nprocessed.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.8.14-1+deb8u1.\n\nWe recommend that you upgrade your gimp packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2016-07-01T19:14:22", "published": "2016-07-01T19:14:22", "id": "DEBIAN:DSA-3612-1:DCB79", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00190.html", "title": "[SECURITY] [DSA 3612-1] gimp security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:36", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "Multiple Use-After-Free when parsing XCF channel and layer properties.", "modified": "2016-07-17T00:00:00", "published": "2016-07-17T00:00:00", "id": "ASA-201607-5", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html", "type": "archlinux", "title": "gimp: arbitrary code execution", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:34:45", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "It was discovered that GIMP incorrectly handled malformed XCF files. If a \nuser were tricked into opening a specially crafted XCF file, an attacker \ncould cause GIMP to crash, or possibly execute arbitrary code with the \nuser's privileges.", "edition": 5, "modified": "2016-07-05T00:00:00", "published": "2016-07-05T00:00:00", "id": "USN-3025-1", "href": "https://ubuntu.com/security/notices/USN-3025-1", "title": "GIMP vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:22", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/gimp-2.8.18-i586-1_slack14.2.txz: Upgraded.\n This release fixes a security issue:\n Use-after-free vulnerability in the xcf_load_image function in\n app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of\n service (program crash) or possibly execute arbitrary code via a crafted\n XCF file.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gimp-2.8.18-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gimp-2.8.18-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gimp-2.8.18-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gimp-2.8.18-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gimp-2.8.18-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gimp-2.8.18-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gimp-2.8.18-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/gimp-2.8.18-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n36cb0b80c948b3012ee5e2130186cc7f gimp-2.8.18-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n180c06dbd99264d71608cf8bb080fdfa gimp-2.8.18-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n453923367e46e220f712832cc7dbeaef gimp-2.8.18-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n07f00caa7ff13ef6d0bb0cdc6ae94911 gimp-2.8.18-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n099fd28f2dadb1234e4e2ba7285e3477 gimp-2.8.18-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n1446172cd7c363ca66edd2f7053f54bd gimp-2.8.18-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n5e987d454c571fae7d78d4ecce595d3f xap/gimp-2.8.18-i586-1.txz\n\nSlackware x86_64 -current package:\nf9418d356da32a50dbd1029125abb422 xap/gimp-2.8.18-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gimp-2.8.18-i586-1_slack14.2.txz", "modified": "2016-07-21T23:38:02", "published": "2016-07-21T23:38:02", "id": "SSA-2016-203-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987", "type": "slackware", "title": "[slackware-security] gimp", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "\nThe GIMP team reports:\n\nA Use-after-free vulnerability was found in the xcf_load_image function.\n\n", "edition": 4, "modified": "2016-06-20T00:00:00", "published": "2016-06-20T00:00:00", "id": "6FB8A90F-C9D5-4D14-B940-AED3D63C2EDC", "href": "https://vuxml.freebsd.org/freebsd/6fb8a90f-c9d5-4d14-b940-aed3d63c2edc.html", "title": "The GIMP -- Use after Free vulnerability", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2020-09-02T11:42:16", "bulletinFamily": "info", "cvelist": ["CVE-2016-4994"], "description": "### *Detect date*:\n07/12/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nUse-after-free vulnerability was found in GIMP. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XCF file.\n\n### *Affected products*:\nGIMP versions earlier than 2.8.18\n\n### *Solution*:\nUpdate to the latest version \n[GIMP downloads page](<https://www.gimp.org/downloads/>)\n\n### *Original advisories*:\n[GIMP update new](<https://www.gimp.org/news/2016/07/14/gimp-2-8-18-released/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[GIMP](<https://threats.kaspersky.com/en/product/GIMP/>)\n\n### *CVE-IDS*:\n[CVE-2016-4994](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994>)6.8High", "edition": 42, "modified": "2020-05-22T00:00:00", "published": "2016-07-12T00:00:00", "id": "KLA10860", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10860", "title": "\r KLA10860Code execution vulnerability in GIMP ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version: gimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es):\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files. An attacker could create a specially crafted XCF file which could cause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "modified": "2018-04-12T03:33:13", "published": "2016-11-03T10:07:15", "id": "RHSA-2016:2589", "href": "https://access.redhat.com/errata/RHSA-2016:2589", "type": "redhat", "title": "(RHSA-2016:2589) Moderate: gimp security, bug fix, and enhancement update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras as wel l. GIMP provides a large image manipulation toolbox, including channel operati ons and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. ", "modified": "2016-07-05T05:05:51", "published": "2016-07-05T05:05:51", "id": "FEDORA:B7731608799F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: gimp-2.8.16-2.fc24", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras as wel l. GIMP provides a large image manipulation toolbox, including channel operati ons and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. ", "modified": "2016-07-09T23:55:27", "published": "2016-07-09T23:55:27", "id": "FEDORA:B75DA605DFD0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: gimp-2.8.16-2.fc23", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4994"], "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras as wel l. GIMP provides a large image manipulation toolbox, including channel operati ons and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. ", "modified": "2016-07-15T10:19:23", "published": "2016-07-15T10:19:23", "id": "FEDORA:051886075EEB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: gimp-2.8.16-2.fc22", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T05:06:51", "description": "An update for gimp and gimp-help is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program. GIMP provides a large image manipulation toolbox,\nincluding channel operations and layers, effects, sub-pixel imaging\nand anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es) :\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the\nchannel and layer properties parsing process when loading XCF files.\nAn attacker could create a specially crafted XCF file which could\ncause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.", "edition": 28, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-04T00:00:00", "title": "RHEL 7 : gimp (RHSA-2016:2589)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gimp-help-sv", "p-cpe:/a:redhat:enterprise_linux:gimp-help-zh_CN", "p-cpe:/a:redhat:enterprise_linux:gimp-help-pt_BR", "p-cpe:/a:redhat:enterprise_linux:gimp", "p-cpe:/a:redhat:enterprise_linux:gimp-help-ko", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:gimp-help-nl", "p-cpe:/a:redhat:enterprise_linux:gimp-help-ca", "p-cpe:/a:redhat:enterprise_linux:gimp-help-nn", "p-cpe:/a:redhat:enterprise_linux:gimp-help-ru", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:gimp-devel", "p-cpe:/a:redhat:enterprise_linux:gimp-devel-tools", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:gimp-help-ja", "p-cpe:/a:redhat:enterprise_linux:gimp-help-en_GB", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:gimp-libs", "p-cpe:/a:redhat:enterprise_linux:gimp-help-el", "p-cpe:/a:redhat:enterprise_linux:gimp-help", "p-cpe:/a:redhat:enterprise_linux:gimp-help-fr", "p-cpe:/a:redhat:enterprise_linux:gimp-help-sl", "p-cpe:/a:redhat:enterprise_linux:gimp-help-es", "p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:gimp-help-da", "p-cpe:/a:redhat:enterprise_linux:gimp-help-de", "p-cpe:/a:redhat:enterprise_linux:gimp-help-it"], "id": "REDHAT-RHSA-2016-2589.NASL", "href": "https://www.tenable.com/plugins/nessus/94552", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2589. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94552);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-4994\");\n script_xref(name:\"RHSA\", value:\"2016:2589\");\n\n script_name(english:\"RHEL 7 : gimp (RHSA-2016:2589)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for gimp and gimp-help is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program. GIMP provides a large image manipulation toolbox,\nincluding channel operations and layers, effects, sub-pixel imaging\nand anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es) :\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the\nchannel and layer properties parsing process when loading XCF files.\nAn attacker could create a specially crafted XCF file which could\ncause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4994\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2589\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"gimp-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"gimp-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-debuginfo-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-devel-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"gimp-devel-tools-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"gimp-devel-tools-2.8.16-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-ca-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-da-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-de-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-el-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-en_GB-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-es-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-fr-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-it-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-ja-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-ko-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-nl-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-nn-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-pt_BR-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-ru-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-sl-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-sv-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-help-zh_CN-2.8.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gimp-libs-2.8.16-3.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-debuginfo / gimp-devel / gimp-devel-tools / gimp-help / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:24:25", "description": "gimp was updated to fix one security issue. This security issue was\nfixed :\n\n - CVE-2016-4994: Use-after-free vulnerabilities in the\n channel and layer properties parsing process\n (bsc#986021).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-08-29T00:00:00", "title": "SUSE SLED12 Security Update : gimp (SUSE-SU-2016:1962-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-08-29T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgimp-2_0-0-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:gimp-debuginfo", "p-cpe:/a:novell:suse_linux:libgimpui-2_0-0-debuginfo", "p-cpe:/a:novell:suse_linux:gimp-plugins-python-debuginfo", "p-cpe:/a:novell:suse_linux:libgimpui-2_0", "p-cpe:/a:novell:suse_linux:gimp-debugsource", "p-cpe:/a:novell:suse_linux:gimp", "p-cpe:/a:novell:suse_linux:gimp-plugins-python", "p-cpe:/a:novell:suse_linux:libgimp-2_0"], "id": "SUSE_SU-2016-1962-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1962-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93190);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-4994\");\n\n script_name(english:\"SUSE SLED12 Security Update : gimp (SUSE-SU-2016:1962-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gimp was updated to fix one security issue. This security issue was\nfixed :\n\n - CVE-2016-4994: Use-after-free vulnerabilities in the\n channel and layer properties parsing process\n (bsc#986021).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4994/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161962-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?32515f7c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2016-1156=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1156=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1156=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gimp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gimp-plugins-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gimp-plugins-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimp-2_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimp-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimpui-2_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimpui-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gimp-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gimp-debuginfo-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gimp-debugsource-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gimp-plugins-python-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gimp-plugins-python-debuginfo-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-debuginfo-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-2.8.10-7.8\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-debuginfo-2.8.10-7.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:43:50", "description": "It was discovered that GIMP incorrectly handled malformed XCF files.\nIf a user were tricked into opening a specially crafted XCF file, an\nattacker could cause GIMP to crash, or possibly execute arbitrary code\nwith the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-06T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : gimp vulnerability (USN-3025-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gimp", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3025-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91955", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3025-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91955);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-4994\");\n script_xref(name:\"USN\", value:\"3025-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : gimp vulnerability (USN-3025-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that GIMP incorrectly handled malformed XCF files.\nIf a user were tricked into opening a specially crafted XCF file, an\nattacker could cause GIMP to crash, or possibly execute arbitrary code\nwith the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3025-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"gimp\", pkgver:\"2.6.12-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"gimp\", pkgver:\"2.8.10-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"gimp\", pkgver:\"2.8.14-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:30:43", "description": "gimp was updated to version 2.8.16 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2016-4994: Use-after-free vulnerabilities in the\n channel and layer properties parsing process\n (bsc#986021).\n\nThis non-security issues were fixed :\n\n - Core :\n\n - Seek much less when writing XCF\n\n - Don't seek past the end of the file when writing XCF\n\n - Fix velocity parameter on .GIH brushes\n\n - Fix brokenness while transforming certain sets of linked\n layers\n\n - GUI :\n\n - Always show image tabs in single window mode\n\n - Fix switching of dock tabs by DND hovering\n\n - Don't make the scroll area for tags too small\n\n - Fixed a crash in the save dialog\n\n - Fix issue where ruler updates made things very slow on\n Windows\n\n-Plug-ins :\n\n - Fix several issues in the BMP plug-in\n\n - Make Gfig work with the new brush size behavior again\n\n - Fix font export in the PDF plug-in\n\n - Support layer groups in OpenRaster files\n\n - Fix loading of PSD files with layer groups", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-05T00:00:00", "title": "openSUSE Security Update : gimp (openSUSE-2016-822)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-07-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo", "p-cpe:/a:novell:opensuse:gimp-lang", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0-32bit", "p-cpe:/a:novell:opensuse:gimp-help-browser-debuginfo", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-32bit", "p-cpe:/a:novell:opensuse:gimp-debuginfo", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo", "p-cpe:/a:novell:opensuse:gimp-debugsource", "p-cpe:/a:novell:opensuse:gimp-plugins-python", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:gimp", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:gimp-devel", "p-cpe:/a:novell:opensuse:gimp-help-browser", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:gimp-plugin-aa", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0", "p-cpe:/a:novell:opensuse:gimp-plugin-aa-debuginfo", "p-cpe:/a:novell:opensuse:libgimp-2_0-0", "p-cpe:/a:novell:opensuse:gimp-plugins-python-debuginfo", "p-cpe:/a:novell:opensuse:gimp-devel-debuginfo"], "id": "OPENSUSE-2016-822.NASL", "href": "https://www.tenable.com/plugins/nessus/91942", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-822.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91942);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-4994\");\n\n script_name(english:\"openSUSE Security Update : gimp (openSUSE-2016-822)\");\n script_summary(english:\"Check for the openSUSE-2016-822 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gimp was updated to version 2.8.16 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2016-4994: Use-after-free vulnerabilities in the\n channel and layer properties parsing process\n (bsc#986021).\n\nThis non-security issues were fixed :\n\n - Core :\n\n - Seek much less when writing XCF\n\n - Don't seek past the end of the file when writing XCF\n\n - Fix velocity parameter on .GIH brushes\n\n - Fix brokenness while transforming certain sets of linked\n layers\n\n - GUI :\n\n - Always show image tabs in single window mode\n\n - Fix switching of dock tabs by DND hovering\n\n - Don't make the scroll area for tags too small\n\n - Fixed a crash in the save dialog\n\n - Fix issue where ruler updates made things very slow on\n Windows\n\n-Plug-ins :\n\n - Fix several issues in the BMP plug-in\n\n - Make Gfig work with the new brush size behavior again\n\n - Fix font export in the PDF plug-in\n\n - Support layer groups in OpenRaster files\n\n - Fix loading of PSD files with layer groups\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986021\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-help-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugin-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugin-aa-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugins-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugins-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-debugsource-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-devel-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-devel-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-help-browser-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-help-browser-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-lang-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-plugin-aa-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-plugin-aa-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-plugins-python-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gimp-plugins-python-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgimp-2_0-0-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgimp-2_0-0-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgimpui-2_0-0-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgimpui-2_0-0-debuginfo-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-32bit-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-debuginfo-32bit-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-32bit-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-debuginfo-32bit-2.8.16-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-debugsource-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-devel-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-devel-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-help-browser-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-help-browser-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-lang-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-plugin-aa-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-plugin-aa-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-plugins-python-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gimp-plugins-python-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgimp-2_0-0-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgimp-2_0-0-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgimpui-2_0-0-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgimpui-2_0-0-debuginfo-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-32bit-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-debuginfo-32bit-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-32bit-2.8.16-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-debuginfo-32bit-2.8.16-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-debuginfo / gimp-debugsource / gimp-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T09:01:12", "description": "According to the version of the gimp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - Use-after-free vulnerability in the xcf_load_image\n function in app/xcf/xcf-load.c in GIMP allows remote\n attackers to cause a denial of service (program crash)\n or possibly execute arbitrary code via a crafted XCF\n file.(CVE-2016-4994)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 9, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-12-04T00:00:00", "title": "EulerOS 2.0 SP2 : gimp (EulerOS-SA-2019-2471)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2019-12-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:gimp-libs", "p-cpe:/a:huawei:euleros:gimp", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2471.NASL", "href": "https://www.tenable.com/plugins/nessus/131624", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131624);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-4994\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : gimp (EulerOS-SA-2019-2471)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the gimp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - Use-after-free vulnerability in the xcf_load_image\n function in app/xcf/xcf-load.c in GIMP allows remote\n attackers to cause a denial of service (program crash)\n or possibly execute arbitrary code via a crafted XCF\n file.(CVE-2016-4994)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2471\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?42eca42a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"gimp-2.8.10-3.h4\",\n \"gimp-libs-2.8.10-3.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:54", "description": "New gimp packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.", "edition": 22, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-22T00:00:00", "title": "Slackware 14.0 / 14.1 / 14.2 / current : gimp (SSA:2016-203-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-07-22T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.2", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:gimp"], "id": "SLACKWARE_SSA_2016-203-01.NASL", "href": "https://www.tenable.com/plugins/nessus/92498", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-203-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92498);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4994\");\n script_xref(name:\"SSA\", value:\"2016-203-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : gimp (SSA:2016-203-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gimp packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ffc6dba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"gimp\", pkgver:\"2.8.18\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:49:41", "description": "Shmuel H discovered that GIMP, the GNU Image Manipulation Program, is\nprone to a use-after-free vulnerability in the channel and layer\nproperties parsing process when loading a XCF file. An attacker can\ntake advantage of this flaw to potentially execute arbitrary code with\nthe privileges of the user running GIMP if a specially crafted XCF\nfile is processed.", "edition": 22, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-05T00:00:00", "title": "Debian DSA-3612-1 : gimp - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-07-05T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:gimp"], "id": "DEBIAN_DSA-3612.NASL", "href": "https://www.tenable.com/plugins/nessus/91923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3612. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91923);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4994\");\n script_xref(name:\"DSA\", value:\"3612\");\n\n script_name(english:\"Debian DSA-3612-1 : gimp - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shmuel H discovered that GIMP, the GNU Image Manipulation Program, is\nprone to a use-after-free vulnerability in the channel and layer\nproperties parsing process when loading a XCF file. An attacker can\ntake advantage of this flaw to potentially execute arbitrary code with\nthe privileges of the user running GIMP if a specially crafted XCF\nfile is processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/gimp\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3612\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gimp packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.8.14-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"gimp\", reference:\"2.8.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gimp-data\", reference:\"2.8.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gimp-dbg\", reference:\"2.8.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgimp2.0\", reference:\"2.8.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgimp2.0-dev\", reference:\"2.8.14-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgimp2.0-doc\", reference:\"2.8.14-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:49:25", "description": "The following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2).\n\nSecurity Fix(es) :\n\n - Multiple use-after-free vulnerabilities were found in\n GIMP in the channel and layer properties parsing process\n when loading XCF files. An attacker could create a\n specially crafted XCF file which could cause GIMP to\n crash. (CVE-2016-4994)\n\nAdditional Changes :", "edition": 14, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-12-15T00:00:00", "title": "Scientific Linux Security Update : gimp on SL7.x x86_64 (20161103)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-12-15T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:gimp-help-fr", "p-cpe:/a:fermilab:scientific_linux:gimp-help-da", "p-cpe:/a:fermilab:scientific_linux:gimp-help-ru", "p-cpe:/a:fermilab:scientific_linux:gimp-help-sl", "p-cpe:/a:fermilab:scientific_linux:gimp-help-ko", "p-cpe:/a:fermilab:scientific_linux:gimp-help-ca", "p-cpe:/a:fermilab:scientific_linux:gimp-help-el", "p-cpe:/a:fermilab:scientific_linux:gimp-help-en_GB", "p-cpe:/a:fermilab:scientific_linux:gimp-libs", "p-cpe:/a:fermilab:scientific_linux:gimp-debuginfo", "p-cpe:/a:fermilab:scientific_linux:gimp-help-de", "p-cpe:/a:fermilab:scientific_linux:gimp-help-zh_CN", "p-cpe:/a:fermilab:scientific_linux:gimp", "p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools", "p-cpe:/a:fermilab:scientific_linux:gimp-help-sv", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:gimp-help-nl", "p-cpe:/a:fermilab:scientific_linux:gimp-help-ja", "p-cpe:/a:fermilab:scientific_linux:gimp-help-nn", "p-cpe:/a:fermilab:scientific_linux:gimp-help-pt_BR", "p-cpe:/a:fermilab:scientific_linux:gimp-help-it", "p-cpe:/a:fermilab:scientific_linux:gimp-devel", "p-cpe:/a:fermilab:scientific_linux:gimp-help-es", "p-cpe:/a:fermilab:scientific_linux:gimp-help"], "id": "SL_20161103_GIMP_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/95839", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95839);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4994\");\n\n script_name(english:\"Scientific Linux Security Update : gimp on SL7.x x86_64 (20161103)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2).\n\nSecurity Fix(es) :\n\n - Multiple use-after-free vulnerabilities were found in\n GIMP in the channel and layer properties parsing process\n when loading XCF files. An attacker could create a\n specially crafted XCF file which could cause GIMP to\n crash. (CVE-2016-4994)\n\nAdditional Changes :\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=8585\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b20af084\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gimp-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gimp-debuginfo-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gimp-devel-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gimp-devel-tools-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-ca-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-da-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-de-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-el-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-en_GB-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-es-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-fr-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-it-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-ja-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-ko-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-nl-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-nn-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-pt_BR-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-ru-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-sl-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-sv-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gimp-help-zh_CN-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gimp-libs-2.8.16-3.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-debuginfo / gimp-devel / gimp-devel-tools / gimp-help / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:50:51", "description": "From Red Hat Security Advisory 2016:2589 :\n\nAn update for gimp and gimp-help is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program. GIMP provides a large image manipulation toolbox,\nincluding channel operations and layers, effects, sub-pixel imaging\nand anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es) :\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the\nchannel and layer properties parsing process when loading XCF files.\nAn attacker could create a specially crafted XCF file which could\ncause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-11T00:00:00", "title": "Oracle Linux 7 : gimp (ELSA-2016-2589)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2016-11-11T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gimp-help-sl", "p-cpe:/a:oracle:linux:gimp-help-zh_CN", "p-cpe:/a:oracle:linux:gimp-help-ja", "p-cpe:/a:oracle:linux:gimp", "p-cpe:/a:oracle:linux:gimp-help-ru", "p-cpe:/a:oracle:linux:gimp-devel", "p-cpe:/a:oracle:linux:gimp-help-fr", "p-cpe:/a:oracle:linux:gimp-help-en_GB", "p-cpe:/a:oracle:linux:gimp-help-es", "p-cpe:/a:oracle:linux:gimp-devel-tools", "p-cpe:/a:oracle:linux:gimp-help-nn", "p-cpe:/a:oracle:linux:gimp-help-nl", "p-cpe:/a:oracle:linux:gimp-help-de", "p-cpe:/a:oracle:linux:gimp-help-ko", "p-cpe:/a:oracle:linux:gimp-help-it", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:gimp-help-pt_BR", "p-cpe:/a:oracle:linux:gimp-help-el", "p-cpe:/a:oracle:linux:gimp-help-da", "p-cpe:/a:oracle:linux:gimp-help-sv", "p-cpe:/a:oracle:linux:gimp-libs", "p-cpe:/a:oracle:linux:gimp-help-ca", "p-cpe:/a:oracle:linux:gimp-help"], "id": "ORACLELINUX_ELSA-2016-2589.NASL", "href": "https://www.tenable.com/plugins/nessus/94710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:2589 and \n# Oracle Linux Security Advisory ELSA-2016-2589 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94710);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4994\");\n script_xref(name:\"RHSA\", value:\"2016:2589\");\n\n script_name(english:\"Oracle Linux 7 : gimp (ELSA-2016-2589)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:2589 :\n\nAn update for gimp and gimp-help is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program. GIMP provides a large image manipulation toolbox,\nincluding channel operations and layers, effects, sub-pixel imaging\nand anti-aliasing, and conversions, all with multi-level undo.\n\nThe following packages have been upgraded to a newer upstream version:\ngimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)\n\nSecurity Fix(es) :\n\n* Multiple use-after-free vulnerabilities were found in GIMP in the\nchannel and layer properties parsing process when loading XCF files.\nAn attacker could create a specially crafted XCF file which could\ncause GIMP to crash. (CVE-2016-4994)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-November/006477.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-devel-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-devel-tools-2.8.16-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-ca-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-da-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-de-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-el-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-en_GB-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-es-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-fr-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-it-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-ja-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-ko-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-nl-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-nn-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-pt_BR-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-ru-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-sl-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-sv-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-help-zh_CN-2.8.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gimp-libs-2.8.16-3.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-devel-tools / gimp-help / gimp-help-ca / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:51:47", "description": "According to the version of the gimp, gimp-help packages installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerability :\n\n - Multiple use-after-free vulnerabilities were found in\n GIMP in the channel and layer properties parsing\n process when loading XCF files.An attacker could create\n a specially crafted XCF file which could cause GIMP to\n crash. (CVE-2016-4994)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "title": "EulerOS 2.0 SP1 : gimp, gimp-help (EulerOS-SA-2016-1075)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4994"], "modified": "2017-05-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:gimp-help", "p-cpe:/a:huawei:euleros:gimp-libs", "p-cpe:/a:huawei:euleros:gimp", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1075.NASL", "href": "https://www.tenable.com/plugins/nessus/99835", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99835);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-4994\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : gimp, gimp-help (EulerOS-SA-2016-1075)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the gimp, gimp-help packages installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerability :\n\n - Multiple use-after-free vulnerabilities were found in\n GIMP in the channel and layer properties parsing\n process when loading XCF files.An attacker could create\n a specially crafted XCF file which could cause GIMP to\n crash. (CVE-2016-4994)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1075\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d6271000\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gimp, gimp-help package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gimp-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"gimp-2.8.10-3.h1\",\n \"gimp-help-2.8.2-1\",\n \"gimp-libs-2.8.10-3.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp, gimp-help\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:05:15", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1978", "CVE-2013-1913", "CVE-2016-4994"], "description": "gimp\n[2:2.8.16-3]\n- fix multiple use-after-free bugs when parsing XCF channel and layer\n properties (#1348617)\n[2:2.8.16-2]\n- add back obsoletes necessary for RHEL\n[2:2.8.16-1]\n- version 2.8.16\n[2:2.8.14-3]\n- export-dialog-destroyed-crash patch: avoid subsequent warnings\n[2:2.8.14-2]\n- fix linking problem\n- use %buildroot macro consistently again\n[2:2.8.14-2]\n- avoid destroying dialog and occasional crashes while exporting (#1215905)\n[2:2.8.14-1.2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[2:2.8.14-1.1]\n- Use better AppData screenshots\n[2:2.8.14-1]\n- version 2.8.14\n[2:2.8.10-6.2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n- update source URL\n[2:2.8.10-6.1]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\n[2:2.8.10-6]\n- remove ancient obsoletes (#1002109)\n[2:2.8.10-5]\n- cope with freetype >= 2.5.1 include madness\n[2:2.8.10-5]\n- remove BRs contained in the minimal build environment\n- group BRs into libraries and tools\n- remove various old cruft\n- ship RPM macros for packaging plug-ins e.a. (#1063144)\n[2:2.8.10-4]\n- avoid buffer overflows in file-xwd plug-in (CVE-2013-1913, CVE-2013-1978)\ngimp-help\n[2.8.2-1]\n- version 2.8.2\n- use %global instead of %define\n- fix website and source URLs", "edition": 5, "modified": "2016-11-09T00:00:00", "published": "2016-11-09T00:00:00", "id": "ELSA-2016-2589", "href": "http://linux.oracle.com/errata/ELSA-2016-2589.html", "title": "gimp security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}