Lucene search

PRIOn knowledge basePRION:CVE-2007-3741

HistoryAug 27, 2007 - 5:17 p.m.

Code injection

2007-08-2717:17:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

88.7%

JSON

The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.

References

osvdb.org/42128

osvdb.org/42129

osvdb.org/42130

osvdb.org/42131

secunia.com/advisories/26575

secunia.com/advisories/26939

www.mandriva.com/security/advisories?name=MDKSA-2007:170

www.redhat.com/support/errata/RHSA-2007-0513.html

www.securityfocus.com/bid/25424

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10099

6.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

88.7%

JSON

Related for PRION:CVE-2007-3741