Lucene search
Mandriva Update for gimp MDVSA-2012:142 (gimp)
🗓️ 24 Aug 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 20 Views
Update for gimp MDVSA-2012:142 addresses heap-based buffer overflow and integer overflow vulnerabilities in gimp, leading to potential arbitrary code execution and crashes
Show more
| Reporter | Title | Published | Views | Family All 84 |
|---|---|---|---|---|
| Fedora Update for gimp FEDORA-2012-12383 | 30 Aug 201200:00 | – | openvas |
| Fedora Update for gimp FEDORA-2012-12364 | 4 Sep 201200:00 | – | openvas |
| Mandriva Update for gimp MDVSA-2012:142 (gimp) | 24 Aug 201200:00 | – | openvas |
| Fedora Update for gimp FEDORA-2012-12383 | 30 Aug 201200:00 | – | openvas |
| Fedora Update for gimp FEDORA-2012-12364 | 4 Sep 201200:00 | – | openvas |
| Fedora Update for gimp FEDORA-2013-2000 | 22 Feb 201300:00 | – | openvas |
| Ubuntu: Security Advisory (USN-1559-1) | 11 Sep 201200:00 | – | openvas |
| Oracle: Security Advisory (ELSA-2012-1180) | 6 Oct 201500:00 | – | openvas |
| RedHat Update for gimp RHSA-2012:1180-01 | 21 Aug 201200:00 | – | openvas |
| RedHat Update for gimp RHSA-2012:1180-01 | 21 Aug 201200:00 | – | openvas |
10
| Source | Link |
|---|---|
| mandriva | www.mandriva.com/en/support/security/advisories/ |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:142");
script_oid("1.3.6.1.4.1.25623.1.0.831726");
script_version("2023-07-14T05:06:08+0000");
script_tag(name:"last_modification", value:"2023-07-14 05:06:08 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2012-08-24 09:57:21 +0530 (Fri, 24 Aug 2012)");
script_cve_id("CVE-2012-3403", "CVE-2012-3481");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_xref(name:"MDVSA", value:"2012:142");
script_name("Mandriva Update for gimp MDVSA-2012:142 (gimp)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'gimp'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(2011\.0|mes5\.2)");
script_tag(name:"affected", value:"gimp on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"Multiple vulnerabilities has been discovered and corrected in gimp:
A heap-based buffer overflow flaw, leading to invalid free, was
found in the way KISS CEL file format plug-in of Gimp, the GNU Image
Manipulation Program, performed loading of certain palette files. A
remote attacker could provide a specially-crafted KISS palette file
that, when opened in Gimp would cause the CEL plug-in to crash or,
potentially, execute arbitrary code with the privileges of the user
running the gimp executable (CVE-2012-3403).
Integer overflow, leading to heap-based buffer overflow flaw was
found in the GIMP's GIF (Graphics Interchange Format) image file
plug-in. An attacker could create a specially-crafted GIF image
file that, when opened, could cause the GIF plug-in to crash or,
potentially, execute arbitrary code with the privileges of the user
running the GIMP (CVE-2012-3481).
The updated gimp packages have been upgraded to the 2.6.12 version
and patched to correct these issues.
Additionally for Mandriva Enterprise server 5 the gegl packages
was upgraded to the 0.0.22 version and rebuilt for ffmpeg 0.5.9,
the enscript packages was added because of a build dependency, the
gutenprint and mtink packages was rebuilt against the gimp 2.6.12
libraries.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "MNDK_2011.0")
{
if ((res = isrpmvuln(pkg:"gimp", rpm:"gimp~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gimp-python", rpm:"gimp-python~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgimp2.0_0", rpm:"libgimp2.0_0~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgimp2.0-devel", rpm:"libgimp2.0-devel~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gimp2.0_0", rpm:"lib64gimp2.0_0~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gimp2.0-devel", rpm:"lib64gimp2.0-devel~2.6.12~0.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "MNDK_mes5.2")
{
if ((res = isrpmvuln(pkg:"enscript", rpm:"enscript~1.6.4~8.2mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gegl", rpm:"gegl~0.0.22~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gimp", rpm:"gimp~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gimp-python", rpm:"gimp-python~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-common", rpm:"gutenprint-common~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-cups", rpm:"gutenprint-cups~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-escputil", rpm:"gutenprint-escputil~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-foomatic", rpm:"gutenprint-foomatic~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-gimp2", rpm:"gutenprint-gimp2~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint-ijs", rpm:"gutenprint-ijs~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgegl0", rpm:"libgegl0~0.0.22~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgegl-devel", rpm:"libgegl-devel~0.0.22~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgimp2.0_0", rpm:"libgimp2.0_0~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgimp2.0-devel", rpm:"libgimp2.0-devel~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgutenprint2", rpm:"libgutenprint2~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgutenprint2-devel", rpm:"libgutenprint2-devel~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgutenprintui2_1", rpm:"libgutenprintui2_1~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgutenprintui2_1-devel", rpm:"libgutenprintui2_1-devel~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mtink", rpm:"mtink~1.0.14~14.2mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gutenprint", rpm:"gutenprint~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gegl0", rpm:"lib64gegl0~0.0.22~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gegl-devel", rpm:"lib64gegl-devel~0.0.22~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gimp2.0_0", rpm:"lib64gimp2.0_0~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gimp2.0-devel", rpm:"lib64gimp2.0-devel~2.6.12~0.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gutenprint2", rpm:"lib64gutenprint2~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gutenprint2-devel", rpm:"lib64gutenprint2-devel~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gutenprintui2_1", rpm:"lib64gutenprintui2_1~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gutenprintui2_1-devel", rpm:"lib64gutenprintui2_1-devel~5.2.3~0.3mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo24 Aug 2012 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS26.8
EPSS0.04289