Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:632ED05411B004CC4A1116F769B3AE08
HistoryJun 11, 2012 - 12:00 a.m.

GIMP Script-Fu Server Buffer Overflow

2012-06-1100:00:00
SAINT Corporation
www.saintcorporation.com
21

0.97 High

EPSS

Percentile

99.7%

JSON

Added: 06/11/2012
CVE: CVE-2012-2763
BID: 53741
OSVDB: 82429

Background

The GNU Image Manipulation Program (GIMP) is free software for tasks such as photo retouching, image composition, and image authoring.

Problem

The vulnerability is due improper boundary checking within the Script-Fu server process when handling command input. This can be exploited to cause a buffer overflow via a specially crafted packet sent to TCP port 10008. Successful exploitation allows execution of arbitrary code.

Resolution

Upgrade to GIMP 2.8.0 or higher.

References

<http://secunia.com/advisories/49314/&gt;

Limitations

This exploit has been tested against GIMP 2.6.10 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

The Script-Fu server must be started.

Platforms

Windows

Related

ubuntucve 1
openvas 5
prion 1
nessus 5
packetstorm 1
exploitpack 1
debiancve 1
saint 3
cve 1
checkpoint_advisories 1
seebug 2
securityvulns 2
exploitdb 1
suse 1
gentoo 1
ubuntucve
ubuntucve
CVE-2012-2763
2012-07-12 00:00:00
openvas
openvas
GIMP Script-Fu Server Buffer Overflow Vulnerability
2012-06-27 00:00:00
SuSE Update for gimp openSUSE-SU-2012:1080-1 (gimp)
2012-12-13 00:00:00
openSUSE: Security Advisory for gimp (openSUSE-SU-2012:1080-1)
2012-12-13 00:00:00
prion
prion
Buffer overflow
2012-07-12 19:55:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : gimp (cve_2012_2763_buffer_overflow)
2015-01-19 00:00:00
SuSE 11.1 Security Update : Gimp (SAT Patch Number 6542)
2013-01-25 00:00:00
openSUSE Security Update : gimp (openSUSE-SU-2012:1131-1)
2014-06-13 00:00:00
packetstorm
packetstorm
GIMP script-fu Server Buffer Overflow
2012-06-02 00:00:00
exploitpack
exploitpack
GIMP 2.6 script-fu 2.8.0 - Buffer Overflow (PoC)
2012-05-31 00:00:00
debiancve
debiancve
CVE-2012-2763
2012-07-12 19:55:00
saint
saint
GIMP Script-Fu Server Buffer Overflow
2012-06-11 00:00:00
GIMP Script-Fu Server Buffer Overflow
2012-06-11 00:00:00
GIMP Script-Fu Server Buffer Overflow
2012-06-11 00:00:00
cve
cve
CVE-2012-2763
2012-07-12 19:55:00
checkpoint_advisories
checkpoint_advisories
Gimp Script-Fu Server Buffer Overflow (CVE-2012-2763)
2012-09-04 00:00:00
seebug
seebug
GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow Vulnerability
2014-07-01 00:00:00
GIMP 2.6 script-fu &lt; 2.8.0 Buffer Overflow Vulnerability
2012-06-01 00:00:00
securityvulns
securityvulns
script-fu buffer overflow in GIMP 2.6
2012-06-03 00:00:00
GIMP script-fu buffer overflow
2012-08-20 00:00:00
exploitdb
exploitdb
GIMP 2.6 script-fu &lt; 2.8.0 - Buffer Overflow (PoC)
2012-05-31 00:00:00
suse
suse
gimp to fix various issues (important)
2012-09-03 11:09:17
gentoo
gentoo
GIMP: Multiple vulnerabilities
2012-09-28 00:00:00

0.97 High

EPSS

Percentile

99.7%

JSON
Related for SAINT:632ED05411B004CC4A1116F769B3AE08
ubuntucve1openvas5prion1nessus5packetstorm1exploitpack1debiancve1saint3cve1checkpoint_advisories1seebug2securityvulns2exploitdb1suse1gentoo1