Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.69589
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-1109-1 (gimp)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to gimp
announced via advisory USN-1109-1.

Details follow:

It was discovered that GIMP incorrectly handled malformed data in certain
plugin configuration files. If a user were tricked into opening a specially
crafted plugin configuration file, an attacker could cause GIMP to crash,
or possibly execute arbitrary code with the user's privileges. The default
compiler options for affected releases should reduce the vulnerability to a
denial of service. (CVE-2010-4540, CVE-2010-4541, CVE-2010-4542)

It was discovered that GIMP incorrectly handled malformed PSP image files.
If a user were tricked into opening a specially crafted PSP image file, an
attacker could cause GIMP to crash, or possibly execute arbitrary code with
the user's privileges. (CVE-2010-4543)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
gimp 2.4.5-1ubuntu2.3

Ubuntu 9.10:
gimp 2.6.7-1ubuntu1.2

Ubuntu 10.04 LTS:
gimp 2.6.8-2ubuntu1.2

Ubuntu 10.10:
gimp 2.6.10-1ubuntu3.2

After a standard system update you need to restart GIMP to make all the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-1109-1

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-4540
Debian Security Information: DSA-2426 (Google Search)
http://www.debian.org/security/2012/dsa-2426
http://security.gentoo.org/glsa/glsa-201209-23.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:103
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497
http://openwall.com/lists/oss-security/2011/01/03/2
http://openwall.com/lists/oss-security/2011/01/04/7
http://osvdb.org/70282
http://www.redhat.com/support/errata/RHSA-2011-0838.html
http://www.redhat.com/support/errata/RHSA-2011-0839.html
http://secunia.com/advisories/42771
http://secunia.com/advisories/44750
http://secunia.com/advisories/48236
http://secunia.com/advisories/50737
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://www.vupen.com/english/advisories/2011/0016
XForce ISS Database: gimp-lightning-effects-bo(64582)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64582
Common Vulnerability Exposure (CVE) ID: CVE-2010-4541
http://osvdb.org/70281
http://www.redhat.com/support/errata/RHSA-2011-0837.html
XForce ISS Database: gimp-sphere-designer-bo(64581)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64581
Common Vulnerability Exposure (CVE) ID: CVE-2010-4542
http://osvdb.org/70283
Common Vulnerability Exposure (CVE) ID: CVE-2010-4543
http://osvdb.org/70284
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.