Vulnerabilities > CVE-2011-1782 - Out-of-bounds Write vulnerability in Gimp 2.6.11
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4543.
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_GIMP-110531.NASL description A number of heap-based buffer overflows have been found in The Gimp affecting the PCX (CVE-2011-1178), SGI, GBR and PAT (CVE-2011-1782) plugins. The update fixes these security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 54985 published 2011-06-07 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54985 title SuSE 11.1 Security Update : gimp (SAT Patch Number 4631) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(54985); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-1178", "CVE-2011-1782"); script_name(english:"SuSE 11.1 Security Update : gimp (SAT Patch Number 4631)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A number of heap-based buffer overflows have been found in The Gimp affecting the PCX (CVE-2011-1178), SGI, GBR and PAT (CVE-2011-1782) plugins. The update fixes these security issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=692877" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-1178.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-1782.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4631."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:gimp-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:gimp-plugins-python"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"gimp-2.6.2-3.34.31.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"gimp-lang-2.6.2-3.34.31.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"gimp-plugins-python-2.6.2-3.34.31.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"gimp-2.6.2-3.34.31.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"gimp-lang-2.6.2-3.34.31.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"gimp-plugins-python-2.6.2-3.34.31.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_4_GIMP-110531.NASL description This update fixes various overflows : + CVE-2011-1178: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVE-2011-1782: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) last seen 2020-06-01 modified 2020-06-02 plugin id 75849 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75849 title openSUSE Security Update : gimp (openSUSE-SU-2011:0586-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gimp-4637. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75849); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-1178", "CVE-2011-1782"); script_name(english:"openSUSE Security Update : gimp (openSUSE-SU-2011:0586-1)"); script_summary(english:"Check for the gimp-4637 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes various overflows : + CVE-2011-1178: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVE-2011-1782: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=692877" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00001.html" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-help-browser-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-module-hal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-module-hal-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-plugins-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-plugins-python-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimp-2_0-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimp-2_0-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpui-2_0-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"gimp-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-branding-upstream-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-debugsource-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-devel-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-devel-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-help-browser-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-help-browser-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-lang-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-module-hal-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-module-hal-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-plugins-python-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gimp-plugins-python-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimp-2_0-0-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimp-2_0-0-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimpui-2_0-0-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimpui-2_0-0-debuginfo-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgimp-2_0-0-32bit-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgimp-2_0-0-debuginfo-32bit-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgimpui-2_0-0-32bit-2.6.11-13.14.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.14.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_3_GIMP-110531.NASL description This update fixes various overflows : + CVE-2011-1178: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVE-2011-1782: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) last seen 2020-06-01 modified 2020-06-02 plugin id 75514 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75514 title openSUSE Security Update : gimp (openSUSE-SU-2011:0586-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gimp-4637. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75514); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-1178", "CVE-2011-1782"); script_name(english:"openSUSE Security Update : gimp (openSUSE-SU-2011:0586-1)"); script_summary(english:"Check for the gimp-4637 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes various overflows : + CVE-2011-1178: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVE-2011-1782: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=692877" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00001.html" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-module-hal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gimp-plugins-python"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"gimp-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-branding-upstream-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-devel-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-help-browser-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-lang-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-module-hal-2.6.8-7.5.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"gimp-plugins-python-2.6.8-7.5.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2011-7393.NASL description This update fixes buffer overflows in the PSP (CVE-2010-4543, CVE-2011-1782), sphere-designer (CVE-2010-4541), gfig (CVE-2010-4542) and lighting (CVE-2010-4540) plugins. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 54977 published 2011-06-07 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/54977 title Fedora 14 : gimp-2.6.11-14.fc14 (2011-7393) NASL family Fedora Local Security Checks NASL id FEDORA_2011-7397.NASL description This update fixes buffer overflows in the PSP (CVE-2010-4543, CVE-2011-1782), sphere-designer (CVE-2010-4541), gfig (CVE-2010-4542) and lighting (CVE-2010-4540) plugins. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55003 published 2011-06-09 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55003 title Fedora 13 : gimp-2.6.11-14.fc13 (2011-7397) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1147-1.NASL description Nils Philippsen discovered that GIMP incorrectly handled malformed PSP image files. If a user were tricked into opening a specially crafted PSP image file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user last seen 2020-06-01 modified 2020-06-02 plugin id 55113 published 2011-06-14 reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55113 title Ubuntu 10.04 LTS / 10.10 / 11.04 : gimp vulnerability (USN-1147-1) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2011-103.NASL description Multiple vulnerabilities was discovered and fixed in gimp : Stack-based buffer overflow in the last seen 2020-06-01 modified 2020-06-02 plugin id 54919 published 2011-05-31 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54919 title Mandriva Linux Security Advisory : gimp (MDVSA-2011:103) NASL family SuSE Local Security Checks NASL id SUSE_GIMP-7543.NASL description A number of heap-based buffer overflows have been found in The Gimp affecting the PCX (CVE-2011-1178), SGI, GBR and PAT (CVE-2011-1782) plugins. The update fixes these security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 57199 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57199 title SuSE 10 Security Update : gimp (ZYPP Patch Number 7543) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2426.NASL description Several vulnerabilities have been identified in GIMP, the GNU Image Manipulation Program. - CVE-2010-4540 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the last seen 2020-03-17 modified 2012-03-07 plugin id 58250 published 2012-03-07 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58250 title Debian DSA-2426-1 : gimp - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2011-7371.NASL description This update fixes buffer overflows in the PSP (CVE-2010-4543, CVE-2011-1782), sphere-designer (CVE-2010-4541), gfig (CVE-2010-4542) and lighting (CVE-2010-4540) plugins. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 54914 published 2011-05-31 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54914 title Fedora 15 : gimp-2.6.11-14.fc15 (2011-7371)