Vulnerabilities > CVE-2013-1913 - Integer Overflow or Wraparound vulnerability in multiple products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

gimp

redhat

CWE-190

nessus

NVD

Published: 2013-12-12

Updated: 2023-02-13

Summary

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump.

Vulnerable Configurations

Part	Description	Count
Application	Gimp Gimp Gimp - Gimp Gimp 0.99.16 Gimp Gimp 0.99.17 Gimp Gimp 0.99.18 Gimp Gimp 0.99.19 Gimp Gimp 0.99.20 Gimp Gimp 0.99.21 Gimp Gimp 0.99.22 Gimp Gimp 0.99.23 Gimp Gimp 0.99.24 Gimp Gimp 0.99.25 Gimp Gimp 0.99.27 Gimp Gimp 0.99.28 Gimp Gimp 0.99.29 Gimp Gimp 1.0.0 Gimp Gimp 1.0.1 Gimp Gimp 1.0.2 Gimp Gimp 1.0.3 Gimp Gimp 1.0.4 Gimp Gimp 1.1.0 Gimp Gimp 1.1.1 Gimp Gimp 1.1.2 Gimp Gimp 1.1.3 Gimp Gimp 1.1.4 Gimp Gimp 1.1.5 Gimp Gimp 1.1.6 Gimp Gimp 1.1.7 Gimp Gimp 1.1.8 Gimp Gimp 1.1.9 Gimp Gimp 1.1.10 Gimp Gimp 1.1.11 Gimp Gimp 1.1.12 Gimp Gimp 1.1.13 Gimp Gimp 1.1.14 Gimp Gimp 1.1.15 Gimp Gimp 1.1.16 Gimp Gimp 1.1.17 Gimp Gimp 1.1.18 Gimp Gimp 1.1.19 Gimp Gimp 1.1.20 Gimp Gimp 1.1.21 Gimp Gimp 1.1.22 Gimp Gimp 1.1.23 Gimp Gimp 1.1.24 Gimp Gimp 1.1.25 Gimp Gimp 1.1.26 Gimp Gimp 1.1.27 Gimp Gimp 1.1.28 Gimp Gimp 1.1.29 Gimp Gimp 1.1.30 Gimp Gimp 1.1.31 Gimp Gimp 1.1.32 Gimp Gimp 1.2.0 Gimp Gimp 1.2.1 Gimp Gimp 1.2.2 Gimp Gimp 1.2.3 Gimp Gimp 1.2.4 Gimp Gimp 1.2.5 Gimp Gimp 1.3.0 Gimp Gimp 1.3.1 Gimp Gimp 1.3.2 Gimp Gimp 1.3.3 Gimp Gimp 1.3.4 Gimp Gimp 1.3.5 Gimp Gimp 1.3.6 Gimp Gimp 1.3.7 Gimp Gimp 1.3.8 Gimp Gimp 1.3.9 Gimp Gimp 1.3.10 Gimp Gimp 1.3.11 Gimp Gimp 1.3.12 Gimp Gimp 1.3.13 Gimp Gimp 1.3.14 Gimp Gimp 1.3.15 Gimp Gimp 1.3.16 Gimp Gimp 1.3.17 Gimp Gimp 1.3.18 Gimp Gimp 1.3.19 Gimp Gimp 1.3.20 Gimp Gimp 1.3.21 Gimp Gimp 1.3.22 Gimp Gimp 1.3.23 Gimp Gimp 1.3.24 Gimp Gimp 1.3.25 Gimp Gimp 1.3.26 Gimp Gimp 1.3.27 Gimp Gimp 2.0 Gimp Gimp 2.0.0 Gimp Gimp 2.0.1 Gimp Gimp 2.0.2 Gimp Gimp 2.0.3 Gimp Gimp 2.0.4 Gimp Gimp 2.0.5 Gimp Gimp 2.0.6 Gimp Gimp 2.1.0 Gimp Gimp 2.1.1 Gimp Gimp 2.1.2 Gimp Gimp 2.1.3 Gimp Gimp 2.1.4 Gimp Gimp 2.1.5 Gimp Gimp 2.1.6 Gimp Gimp 2.1.7 Gimp Gimp 2.2 Gimp Gimp 2.2.0 Gimp Gimp 2.2.1 Gimp Gimp 2.2.2 Gimp Gimp 2.2.3 Gimp Gimp 2.2.4 Gimp Gimp 2.2.5 Gimp Gimp 2.2.6 Gimp Gimp 2.2.7 Gimp Gimp 2.2.8 Gimp Gimp 2.2.9 Gimp Gimp 2.2.10 Gimp Gimp 2.2.11 Gimp Gimp 2.2.12 Gimp Gimp 2.2.13 Gimp Gimp 2.2.14 Gimp Gimp 2.2.15 Gimp Gimp 2.2.16 Gimp Gimp 2.2.17 Gimp Gimp 2.3.0 Gimp Gimp 2.3.1 Gimp Gimp 2.3.2 Gimp Gimp 2.3.3 Gimp Gimp 2.3.4 Gimp Gimp 2.3.5 Gimp Gimp 2.3.6 Gimp Gimp 2.3.7 Gimp Gimp 2.3.8 Gimp Gimp 2.3.9 Gimp Gimp 2.3.10 Gimp Gimp 2.3.11 Gimp Gimp 2.3.12 Gimp Gimp 2.3.13 Gimp Gimp 2.3.14 Gimp Gimp 2.3.15 Gimp Gimp 2.3.16 Gimp Gimp 2.3.17 Gimp Gimp 2.3.18 Gimp Gimp 2.3.19 Gimp Gimp 2.4.0 Gimp Gimp 2.4.1 Gimp Gimp 2.4.2 Gimp Gimp 2.4.3 Gimp Gimp 2.4.4 Gimp Gimp 2.4.5 Gimp Gimp 2.4.6 Gimp Gimp 2.4.7 Gimp Gimp 2.5.0 Gimp Gimp 2.5.1 Gimp Gimp 2.5.2 Gimp Gimp 2.5.3 Gimp Gimp 2.5.4 Gimp Gimp 2.6.0 Gimp Gimp 2.6.1 Gimp Gimp 2.6.2 Gimp Gimp 2.6.3 Gimp Gimp 2.6.4 Gimp Gimp 2.6.5 Gimp Gimp 2.6.6 Gimp Gimp 2.6.7 Gimp Gimp 2.6.8 Gimp Gimp 2.6.9	174
Application	Gnome Gnome Glib *	1
OS	Redhat Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 5.0	2

Common Weakness Enumeration (CWE)

CWE-190 - Integer Overflow or Wraparound

Common Attack Pattern Enumeration and Classification (CAPEC)

Forced Integer Overflow
This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-2813.NASL
description	Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code.
last seen	2020-03-17
modified	2013-12-10
plugin id	71276
published	2013-12-10
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71276
title	Debian DSA-2813-1 : gimp - several vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2813. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(71276); script_version("1.12"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"DSA", value:"2813"); script_name(english:"Debian DSA-2813-1 : gimp - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3403" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3481" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-5576" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/gimp" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/gimp" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2013/dsa-2813" ); script_set_attribute( attribute:"solution", value: "Upgrade the gimp packages. For the oldstable distribution (squeeze), these problems have been fixed in version 2.6.10-1+squeeze4. This update also fixes CVE-2012-3403, CVE-2012-3481 and CVE-2012-5576. For the stable distribution (wheezy), these problems have been fixed in version 2.8.2-2+deb7u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"gimp", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"gimp-data", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"gimp-dbg", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0-dev", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0-doc", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"7.0", prefix:"gimp", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"gimp-data", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"gimp-dbg", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0-dev", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0-doc", reference:"2.8.2-2+deb7u1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2013-1778.NASL
description	From Red Hat Security Advisory 2013:1778 : Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	71186
published	2013-12-04
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71186
title	Oracle Linux 5 / 6 : gimp (ELSA-2013-1778)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1778 and # Oracle Linux Security Advisory ELSA-2013-1778 respectively. # include("compat.inc"); if (description) { script_id(71186); script_version("1.14"); script_cvs_date("Date: 2019/09/30 10:58:18"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(56647, 64098, 64105); script_xref(name:"RHSA", value:"2013:1778"); script_name(english:"Oracle Linux 5 / 6 : gimp (ELSA-2013-1778)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2013:1778 : Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-December/003848.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-December/003850.html" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/17"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(5\|6)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2013-1778.NASL
description	Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	71178
published	2013-12-04
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71178
title	CentOS 5 / 6 : gimp (CESA-2013:1778)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1778 and # CentOS Errata and Security Advisory 2013:1778 respectively. # include("compat.inc"); if (description) { script_id(71178); script_version("1.13"); script_cvs_date("Date: 2020/01/06"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(56647, 64098, 64105); script_xref(name:"RHSA", value:"2013:1778"); script_name(english:"CentOS 5 / 6 : gimp (CESA-2013:1778)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect." ); # https://lists.centos.org/pipermail/centos-announce/2013-December/020034.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?775d3289" ); # https://lists.centos.org/pipermail/centos-announce/2013-December/020040.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ded95208" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5576"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(5\|6)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc"); }

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20131203_GIMP_ON_SL5_X.NASL
description	A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect.
last seen	2020-03-18
modified	2013-12-10
plugin id	71303
published	2013-12-10
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71303
title	Scientific Linux Security Update : gimp on SL5.x, SL6.x i386/x86_64 (20131203)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(71303); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_name(english:"Scientific Linux Security Update : gimp on SL5.x, SL6.x i386/x86_64 (20131203)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=1925 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?59064db9" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-libs"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-debuginfo-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-debuginfo-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-debuginfo / gimp-devel / gimp-devel-tools / etc"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2013-22776.NASL
description	This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2013-12-17
plugin id	71476
published	2013-12-17
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71476
title	Fedora 19 : gimp-2.8.10-4.fc19 (2013-22776)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-22776. # include("compat.inc"); if (description) { script_id(71476); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"FEDORA", value:"2013-22776"); script_name(english:"Fedora 19 : gimp-2.8.10-4.fc19 (2013-22776)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1037720" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124185.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a49d9fb4" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^19([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC19", reference:"gimp-2.8.10-4.fc19")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2013-22701.NASL
description	This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2013-12-14
plugin id	71419
published	2013-12-14
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71419
title	Fedora 20 : gimp-2.8.10-4.fc20 (2013-22701)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-22701. # include("compat.inc"); if (description) { script_id(71419); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"FEDORA", value:"2013-22701"); script_name(english:"Fedora 20 : gimp-2.8.10-4.fc20 (2013-22701)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1037720" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123547.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c7057a71" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^20([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC20", reference:"gimp-2.8.10-4.fc20")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2013-293.NASL
description	Updated gimp package fixes security vulnerabilities : An integer overflow flaw and a heap-based buffer overflow were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2013-1913, CVE-2013-1978).
last seen	2020-06-01
modified	2020-06-02
plugin id	71512
published	2013-12-18
reporter	This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/71512
title	Mandriva Linux Security Advisory : gimp (MDVSA-2013:293)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:293. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(71512); script_version("1.8"); script_cvs_date("Date: 2019/10/16 10:34:21"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"MDVSA", value:"2013:293"); script_name(english:"Mandriva Linux Security Advisory : gimp (MDVSA-2013:293)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated gimp package fixes security vulnerabilities : An integer overflow flaw and a heap-based buffer overflow were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2013-1913, CVE-2013-1978)." ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2013-0365.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gimp-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gimp2.0-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gimp2.0_0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"gimp-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"gimp-python-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64gimp2.0-devel-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64gimp2.0_0-2.8.2-1.1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201603-01.NASL
description	The remote host is affected by the vulnerability described in GLSA-201603-01 (GIMP: Multiple vulnerabilities) GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally, the X Window Dump (XWD) plugin is vulnerable to multiple buffer overflows possibly allowing the remote execution of arbitrary code or Denial of Service. The XWD plugin is vulnerable due to not validating large color entries. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process due or perform a Denial of Service. Workaround : There is no known work around at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	89712
published	2016-03-07
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/89712
title	GLSA-201603-01 : GIMP: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201603-01. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(89712); script_version("2.3"); script_cvs_date("Date: 2019/04/11 17:23:06"); script_cve_id("CVE-2012-4245", "CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"GLSA", value:"201603-01"); script_name(english:"GLSA-201603-01 : GIMP: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201603-01 (GIMP: Multiple vulnerabilities) GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally, the X Window Dump (XWD) plugin is vulnerable to multiple buffer overflows possibly allowing the remote execution of arbitrary code or Denial of Service. The XWD plugin is vulnerable due to not validating large color entries. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process due or perform a Denial of Service. Workaround : There is no known work around at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201603-01" ); script_set_attribute( attribute:"solution", value: "All GIMP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/gimp-2.8.0'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2016/03/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-gfx/gimp", unaffected:make_list("ge 2.8.0"), vulnerable:make_list("lt 2.8.0"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GIMP"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-2051-1.NASL
description	Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user
last seen	2020-06-01
modified	2020-06-02
plugin id	71309
published	2013-12-10
reporter	Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71309
title	Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : gimp vulnerability (USN-2051-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-2051-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(71309); script_version("1.12"); script_cvs_date("Date: 2019/09/19 12:54:29"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"USN", value:"2051-1"); script_name(english:"Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : gimp vulnerability (USN-2051-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/2051-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/12"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(12\.04\|12\.10\|13\.04\|13\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 12.10 / 13.04 / 13.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"12.04", pkgname:"gimp", pkgver:"2.6.12-1ubuntu1.3")) flag++; if (ubuntu_check(osver:"12.10", pkgname:"gimp", pkgver:"2.8.2-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"13.04", pkgname:"gimp", pkgver:"2.8.4-1ubuntu1.1")) flag++; if (ubuntu_check(osver:"13.10", pkgname:"gimp", pkgver:"2.8.6-1ubuntu1.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2013-22771.NASL
description	Overview of Changes from GIMP 2.8.8 to GIMP 2.8.10 ================================================== GUI : - Indicate if a file was exported in the Quit dialog - Add shortcuts and hint labels to the close and quit dialogs that make closing and quitting easier and more consistent - Rename the File->Export menu labels to match Save/Save as - Fix keyboard shortcuts on OSX Mavericks - Don
last seen	2020-03-17
modified	2013-12-17
plugin id	71475
published	2013-12-17
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71475
title	Fedora 18 : gimp-2.8.10-4.fc18 (2013-22771)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_GIMP-140203.NASL
description	This update fixes the following security issues with gimp : - XWD plugin g_new() integer overflow. (CVE-2013-1913). (bnc#853423) - XWD plugin color map heap-based buffer overflow. (CVE-2013-1978). (bnc#853425) - memory corruption via XWD files (CVE-2012-5576). (bnc#791372)
last seen	2020-06-05
modified	2014-02-11
plugin id	72422
published	2014-02-11
reporter	This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/72422
title	SuSE 11.3 Security Update : gimp (SAT Patch Number 8856)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2013-1778.NASL
description	Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	71189
published	2013-12-04
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/71189
title	RHEL 5 / 6 : gimp (RHSA-2013:1778)

Redhat

advisories

rhsa

id	RHSA-2013:1778

rpms

gimp-2:2.2.13-3.el5_10
gimp-2:2.6.9-6.el6_5
gimp-debuginfo-2:2.2.13-3.el5_10
gimp-debuginfo-2:2.6.9-6.el6_5
gimp-devel-2:2.2.13-3.el5_10
gimp-devel-2:2.6.9-6.el6_5
gimp-devel-tools-2:2.6.9-6.el6_5
gimp-help-browser-2:2.6.9-6.el6_5
gimp-libs-2:2.2.13-3.el5_10
gimp-libs-2:2.6.9-6.el6_5

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References