Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.58950
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0513
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0513.

The GIMP (GNU Image Manipulation Program) is an image composition and
editing program.

Multiple integer overflow and input validation flaws were found in The
GIMP's image loaders. An attacker could create a carefully crafted image
file that could cause The GIMP to crash or possibly execute arbitrary code
if the file was opened by a victim. (CVE-2006-4519, CVE-2007-2949,
CVE-2007-3741)

Users of The GIMP should update to these erratum packages, which contain a
backported fix to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0513.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4519
BugTraq ID: 24835
http://www.securityfocus.com/bid/24835
Bugtraq: 20070801 FLEA-2007-0038-1 gimp (Google Search)
http://www.securityfocus.com/archive/1/475257/100/0/threaded
Debian Security Information: DSA-1335 (Google Search)
http://www.debian.org/security/2007/dsa-1335
http://security.gentoo.org/glsa/glsa-200707-09.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170
http://osvdb.org/42139
http://osvdb.org/42140
http://osvdb.org/42141
http://osvdb.org/42142
http://osvdb.org/42143
http://osvdb.org/42144
http://osvdb.org/42145
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842
http://www.redhat.com/support/errata/RHSA-2007-0513.html
http://www.securitytracker.com/id?1018349
http://secunia.com/advisories/26132
http://secunia.com/advisories/26215
http://secunia.com/advisories/26240
http://secunia.com/advisories/26575
http://secunia.com/advisories/26939
http://www.ubuntu.com/usn/usn-494-1
http://www.vupen.com/english/advisories/2007/2471
XForce ISS Database: gimp-plugins-code-execution(35308)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35308
Common Vulnerability Exposure (CVE) ID: CVE-2007-2949
BugTraq ID: 24745
http://www.securityfocus.com/bid/24745
CERT/CC vulnerability note: VU#399896
http://www.kb.cert.org/vuls/id/399896
http://secunia.com/secunia_research/2007-63/advisory/
http://osvdb.org/37804
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772
http://secunia.com/advisories/25677
http://secunia.com/advisories/25949
http://secunia.com/advisories/26044
http://secunia.com/advisories/26384
http://secunia.com/advisories/28114
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.ubuntu.com/usn/usn-480-1
http://www.vupen.com/english/advisories/2007/2421
http://www.vupen.com/english/advisories/2007/4241
XForce ISS Database: gimp-unpackpixeldata-code-execution(35246)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35246
Common Vulnerability Exposure (CVE) ID: CVE-2007-3741
BugTraq ID: 25424
http://www.securityfocus.com/bid/25424
http://osvdb.org/42128
http://osvdb.org/42129
http://osvdb.org/42130
http://osvdb.org/42131
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10099
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.