Lucene search

K
redhatcveRedhat.comRH:CVE-2023-44442
HistoryNov 16, 2023 - 1:34 a.m.

CVE-2023-44442

2023-11-1601:34:57
redhat.com
access.redhat.com
30
cve-2023-44442
parsing vulnerability
gnu image manipulation program
gimp
remote attacker
unauthorized code execution
mitigation
red hat product security

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.2%

A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.2%