Vulnerabilities > CVE-2013-1978 - Out-of-bounds Write vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2813.NASL description Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code. last seen 2020-03-17 modified 2013-12-10 plugin id 71276 published 2013-12-10 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71276 title Debian DSA-2813-1 : gimp - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2813. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(71276); script_version("1.12"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"DSA", value:"2813"); script_name(english:"Debian DSA-2813-1 : gimp - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3403" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-3481" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-5576" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/gimp" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/gimp" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2013/dsa-2813" ); script_set_attribute( attribute:"solution", value: "Upgrade the gimp packages. For the oldstable distribution (squeeze), these problems have been fixed in version 2.6.10-1+squeeze4. This update also fixes CVE-2012-3403, CVE-2012-3481 and CVE-2012-5576. For the stable distribution (wheezy), these problems have been fixed in version 2.8.2-2+deb7u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"gimp", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"gimp-data", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"gimp-dbg", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0-dev", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"6.0", prefix:"libgimp2.0-doc", reference:"2.6.10-1+squeeze4")) flag++; if (deb_check(release:"7.0", prefix:"gimp", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"gimp-data", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"gimp-dbg", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0-dev", reference:"2.8.2-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libgimp2.0-doc", reference:"2.8.2-2+deb7u1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1778.NASL description From Red Hat Security Advisory 2013:1778 : Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 71186 published 2013-12-04 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71186 title Oracle Linux 5 / 6 : gimp (ELSA-2013-1778) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1778 and # Oracle Linux Security Advisory ELSA-2013-1778 respectively. # include("compat.inc"); if (description) { script_id(71186); script_version("1.14"); script_cvs_date("Date: 2019/09/30 10:58:18"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(56647, 64098, 64105); script_xref(name:"RHSA", value:"2013:1778"); script_name(english:"Oracle Linux 5 / 6 : gimp (ELSA-2013-1778)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2013:1778 : Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-December/003848.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-December/003850.html" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gimp-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/17"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"EL6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"EL6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1778.NASL description Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 71178 published 2013-12-04 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71178 title CentOS 5 / 6 : gimp (CESA-2013:1778) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1778 and # CentOS Errata and Security Advisory 2013:1778 respectively. # include("compat.inc"); if (description) { script_id(71178); script_version("1.13"); script_cvs_date("Date: 2020/01/06"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(56647, 64098, 64105); script_xref(name:"RHSA", value:"2013:1778"); script_name(english:"CentOS 5 / 6 : gimp (CESA-2013:1778)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect." ); # https://lists.centos.org/pipermail/centos-announce/2013-December/020034.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?775d3289" ); # https://lists.centos.org/pipermail/centos-announce/2013-December/020040.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ded95208" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5576"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gimp-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"CentOS-6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20131203_GIMP_ON_SL5_X.NASL description A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect. last seen 2020-03-18 modified 2013-12-10 plugin id 71303 published 2013-12-10 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71303 title Scientific Linux Security Update : gimp on SL5.x, SL6.x i386/x86_64 (20131203) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(71303); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-5576", "CVE-2013-1913", "CVE-2013-1978"); script_name(english:"Scientific Linux Security Update : gimp on SL5.x, SL6.x i386/x86_64 (20131203)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=1925 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?59064db9" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-help-browser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:gimp-libs"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"gimp-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-debuginfo-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-devel-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL5", reference:"gimp-libs-2.2.13-3.el5_10")) flag++; if (rpm_check(release:"SL6", reference:"gimp-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-debuginfo-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-devel-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-devel-tools-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-help-browser-2.6.9-6.el6_5")) flag++; if (rpm_check(release:"SL6", reference:"gimp-libs-2.6.9-6.el6_5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp / gimp-debuginfo / gimp-devel / gimp-devel-tools / etc"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2013-22776.NASL description This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-12-17 plugin id 71476 published 2013-12-17 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71476 title Fedora 19 : gimp-2.8.10-4.fc19 (2013-22776) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-22776. # include("compat.inc"); if (description) { script_id(71476); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"FEDORA", value:"2013-22776"); script_name(english:"Fedora 19 : gimp-2.8.10-4.fc19 (2013-22776)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1037720" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124185.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a49d9fb4" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC19", reference:"gimp-2.8.10-4.fc19")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2013-22701.NASL description This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-12-14 plugin id 71419 published 2013-12-14 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71419 title Fedora 20 : gimp-2.8.10-4.fc20 (2013-22701) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-22701. # include("compat.inc"); if (description) { script_id(71419); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"FEDORA", value:"2013-22701"); script_name(english:"Fedora 20 : gimp-2.8.10-4.fc20 (2013-22701)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes buffer overflows in the XWD loader. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1037720" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123547.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c7057a71" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC20", reference:"gimp-2.8.10-4.fc20")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-293.NASL description Updated gimp package fixes security vulnerabilities : An integer overflow flaw and a heap-based buffer overflow were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2013-1913, CVE-2013-1978). last seen 2020-06-01 modified 2020-06-02 plugin id 71512 published 2013-12-18 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71512 title Mandriva Linux Security Advisory : gimp (MDVSA-2013:293) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:293. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(71512); script_version("1.8"); script_cvs_date("Date: 2019/10/16 10:34:21"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"MDVSA", value:"2013:293"); script_name(english:"Mandriva Linux Security Advisory : gimp (MDVSA-2013:293)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated gimp package fixes security vulnerabilities : An integer overflow flaw and a heap-based buffer overflow were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2013-1913, CVE-2013-1978)." ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2013-0365.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gimp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gimp-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gimp2.0-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gimp2.0_0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"gimp-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"gimp-python-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64gimp2.0-devel-2.8.2-1.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64gimp2.0_0-2.8.2-1.1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201603-01.NASL description The remote host is affected by the vulnerability described in GLSA-201603-01 (GIMP: Multiple vulnerabilities) GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally, the X Window Dump (XWD) plugin is vulnerable to multiple buffer overflows possibly allowing the remote execution of arbitrary code or Denial of Service. The XWD plugin is vulnerable due to not validating large color entries. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process due or perform a Denial of Service. Workaround : There is no known work around at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 89712 published 2016-03-07 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89712 title GLSA-201603-01 : GIMP: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201603-01. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(89712); script_version("2.3"); script_cvs_date("Date: 2019/04/11 17:23:06"); script_cve_id("CVE-2012-4245", "CVE-2013-1913", "CVE-2013-1978"); script_xref(name:"GLSA", value:"201603-01"); script_name(english:"GLSA-201603-01 : GIMP: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201603-01 (GIMP: Multiple vulnerabilities) GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally, the X Window Dump (XWD) plugin is vulnerable to multiple buffer overflows possibly allowing the remote execution of arbitrary code or Denial of Service. The XWD plugin is vulnerable due to not validating large color entries. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process due or perform a Denial of Service. Workaround : There is no known work around at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201603-01" ); script_set_attribute( attribute:"solution", value: "All GIMP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/gimp-2.8.0'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2016/03/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-gfx/gimp", unaffected:make_list("ge 2.8.0"), vulnerable:make_list("lt 2.8.0"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GIMP"); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2051-1.NASL description Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user last seen 2020-06-01 modified 2020-06-02 plugin id 71309 published 2013-12-10 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71309 title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : gimp vulnerability (USN-2051-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-2051-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(71309); script_version("1.12"); script_cvs_date("Date: 2019/09/19 12:54:29"); script_cve_id("CVE-2013-1913", "CVE-2013-1978"); script_bugtraq_id(64098, 64105); script_xref(name:"USN", value:"2051-1"); script_name(english:"Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : gimp vulnerability (USN-2051-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/2051-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected gimp package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gimp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/12"); script_set_attribute(attribute:"patch_publication_date", value:"2013/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(12\.04|12\.10|13\.04|13\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 12.10 / 13.04 / 13.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"12.04", pkgname:"gimp", pkgver:"2.6.12-1ubuntu1.3")) flag++; if (ubuntu_check(osver:"12.10", pkgname:"gimp", pkgver:"2.8.2-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"13.04", pkgname:"gimp", pkgver:"2.8.4-1ubuntu1.1")) flag++; if (ubuntu_check(osver:"13.10", pkgname:"gimp", pkgver:"2.8.6-1ubuntu1.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gimp"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2013-22771.NASL description Overview of Changes from GIMP 2.8.8 to GIMP 2.8.10 ================================================== GUI : - Indicate if a file was exported in the Quit dialog - Add shortcuts and hint labels to the close and quit dialogs that make closing and quitting easier and more consistent - Rename the File->Export menu labels to match Save/Save as - Fix keyboard shortcuts on OSX Mavericks - Don last seen 2020-03-17 modified 2013-12-17 plugin id 71475 published 2013-12-17 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71475 title Fedora 18 : gimp-2.8.10-4.fc18 (2013-22771) NASL family SuSE Local Security Checks NASL id SUSE_11_GIMP-140203.NASL description This update fixes the following security issues with gimp : - XWD plugin g_new() integer overflow. (CVE-2013-1913). (bnc#853423) - XWD plugin color map heap-based buffer overflow. (CVE-2013-1978). (bnc#853425) - memory corruption via XWD files (CVE-2012-5576). (bnc#791372) last seen 2020-06-05 modified 2014-02-11 plugin id 72422 published 2014-02-11 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72422 title SuSE 11.3 Security Update : gimp (SAT Patch Number 8856) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1778.NASL description Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team. Users of the GIMP are advised to upgrade to these updated packages, which correct these issues. The GIMP must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 71189 published 2013-12-04 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71189 title RHEL 5 / 6 : gimp (RHSA-2013:1778)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|