Test ID:	1.3.6.1.4.1.25623.1.0.57097
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2006:0598
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2006:0598. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. Henning Makholm discovered a buffer overflow bug in The GIMP XCF file loader. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim. (CVE-2006-3404) Please note that this issue did not affect the gimp packages in Red Hat Enterprise Linux 2.1, or 3. Users of The GIMP should update to these erratum packages which contain a backported fix to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0598.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3404 BugTraq ID: 18877 http://www.securityfocus.com/bid/18877 Bugtraq: 20060724 ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow (Google Search) http://www.securityfocus.com/archive/1/441012/100/0/threaded Bugtraq: 20060724 Re: [ GLSA 200607-08 ] GIMP: Buffer overflow (Google Search) http://www.securityfocus.com/archive/1/440987/100/0/threaded Bugtraq: 20060724 rPSA-2006-0135-1 gimp (Google Search) http://www.securityfocus.com/archive/1/441030/100/0/threaded Debian Security Information: DSA-1116 (Google Search) http://www.debian.org/security/2006/dsa-1116 http://security.gentoo.org/glsa/glsa-200607-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:127 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049 http://www.osvdb.org/27037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11259 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5908 http://www.redhat.com/support/errata/RHSA-2006-0598.html http://securitytracker.com/id?1016527 http://secunia.com/advisories/20976 http://secunia.com/advisories/20979 http://secunia.com/advisories/21069 http://secunia.com/advisories/21104 http://secunia.com/advisories/21170 http://secunia.com/advisories/21182 http://secunia.com/advisories/21198 http://secunia.com/advisories/21459 http://secunia.com/advisories/23044 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102720-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200070-1 SuSE Security Announcement: SUSE-SR:2006:019 (Google Search) http://www.novell.com/linux/security/advisories/2006_19_sr.html http://www.ubuntu.com/usn/usn-312-1 http://www.vupen.com/english/advisories/2006/2703 http://www.vupen.com/english/advisories/2006/4634 XForce ISS Database: gimp-xcfloadvector-bo(27687) https://exchange.xforce.ibmcloud.com/vulnerabilities/27687
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.