Lucene search

K
ubuntuUbuntuUSN-1559-1
HistorySep 10, 2012 - 12:00 a.m.

GIMP vulnerabilities

2012-09-1000:00:00
ubuntu.com
41

6.8 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.5%

Releases

  • Ubuntu 12.04
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04

Packages

  • gimp - The GNU Image Manipulation Program

Details

Joseph Sheridan discovered that GIMP incorrectly handled certain malformed
headers in FIT files. If a user were tricked into opening a specially
crafted FIT image file, an attacker could cause GIMP to crash.
(CVE-2012-3236)

Murray McAllister discovered that GIMP incorrectly handled malformed KiSS
palette files. If a user were tricked into opening a specially crafted KiSS
palette file, an attacker could cause GIMP to crash, or possibly execute
arbitrary code with the user’s privileges. (CVE-2012-3403)

Matthias Weckbecker discovered that GIMP incorrectly handled malformed GIF
image files. If a user were tricked into opening a specially crafted GIF
image file, an attacker could cause GIMP to crash, or possibly execute
arbitrary code with the user’s privileges. (CVE-2012-3481)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.04noarchgimp< 2.6.12-1ubuntu1.1UNKNOWN
Ubuntu12.04noarchgimp-dbg< 2.6.12-1ubuntu1.1UNKNOWN
Ubuntu12.04noarchlibgimp2.0< 2.6.12-1ubuntu1.1UNKNOWN
Ubuntu12.04noarchlibgimp2.0-dev< 2.6.12-1ubuntu1.1UNKNOWN
Ubuntu11.10noarchgimp< 2.6.11-2ubuntu4.1UNKNOWN
Ubuntu11.10noarchgimp-dbg< 2.6.11-2ubuntu4.1UNKNOWN
Ubuntu11.10noarchlibgimp2.0< 2.6.11-2ubuntu4.1UNKNOWN
Ubuntu11.10noarchlibgimp2.0-dev< 2.6.11-2ubuntu4.1UNKNOWN
Ubuntu11.04noarchgimp< 2.6.11-1ubuntu6.3UNKNOWN
Ubuntu11.04noarchgimp-dbg< 2.6.11-1ubuntu6.3UNKNOWN
Rows per page:
1-10 of 161

6.8 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.5%