EulerOS 2.0 SP1 : gimp, gimp-help (EulerOS-SA-2016-1075)

🗓️ 01 May 2017 00:00:00Reported by TenableType

EulerOS 2.0 SP1 gimp and gimp-help packages vulnerabilit

Reporter	Title	Published	Views	Family All 71
FreeBSD	The GIMP -- Use after Free vulnerability	20 Jun 201600:00	–	freebsd
ArchLinux	gimp: arbitrary code execution	17 Jul 201600:00	–	archlinux
Tenable Nessus	CentOS 7 : gimp / gimp-help (CESA-2016:2589)	28 Nov 201600:00	–	nessus
Tenable Nessus	Debian DLA-525-1 : gimp security update	27 Jun 201600:00	–	nessus
Tenable Nessus	Debian DSA-3612-1 : gimp - security update	5 Jul 201600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : gimp (EulerOS-SA-2019-2021)	24 Sep 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : gimp (EulerOS-SA-2019-2471)	4 Dec 201900:00	–	nessus
Tenable Nessus	Fedora 23 : 2:gimp (2016-20db5e796b)	15 Jul 201600:00	–	nessus
Tenable Nessus	Fedora 24 : 2:gimp (2016-6122983949)	15 Jul 201600:00	–	nessus
Tenable Nessus	Fedora 22 : 2:gimp (2016-acbd6a75f3)	18 Jul 201600:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(99835);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/12/22");

  script_cve_id("CVE-2016-4994");

  script_name(english:"EulerOS 2.0 SP1 : gimp, gimp-help (EulerOS-SA-2016-1075)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the version of the gimp, gimp-help packages installed,
the EulerOS installation on the remote host is affected by the
following vulnerability :

  - Multiple use-after-free vulnerabilities were found in
    GIMP in the channel and layer properties parsing
    process when loading XCF files.An attacker could create
    a specially crafted XCF file which could cause GIMP to
    crash. (CVE-2016-4994)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1075
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d6271000");
  script_set_attribute(attribute:"solution", value:
"Update the affected gimp, gimp-help package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-4994");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gimp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gimp-help");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gimp-libs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["gimp-2.8.10-3.h1",
        "gimp-help-2.8.2-1",
        "gimp-libs-2.8.10-3.h1"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp, gimp-help");
}

22 Dec 2025 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 26.8

CVSS 3.17.8

EPSS0.00639