Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24542

HistoryApr 10, 2020 - 12:56 a.m.

Arbitrary Code Execution

2020-04-1000:56:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

EPSS

0.01

Percentile

83.7%

gimp is vulnerable to arbitrary code execution. A stack-based buffer overflow flaw was found in the GIMP’s Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497

lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

openwall.com/lists/oss-security/2011/01/03/2

openwall.com/lists/oss-security/2011/01/04/7

osvdb.org/70283

secunia.com/advisories/42771

secunia.com/advisories/44750

secunia.com/advisories/48236

secunia.com/advisories/50737

security.gentoo.org/glsa/glsa-201209-23.xml

www.debian.org/security/2012/dsa-2426

www.mandriva.com/security/advisories?name=MDVSA-2011:103

www.redhat.com/support/errata/RHSA-2011-0838.html

www.redhat.com/support/errata/RHSA-2011-0839.html

www.vupen.com/english/advisories/2011/0016

access.redhat.com/errata/RHSA-2011:0838

access.redhat.com/errata/RHSA-2011:0839

access.redhat.com/security/cve/CVE-2010-4542

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=666793

bugzilla.redhat.com/show_bug.cgi?id=703405

EPSS

0.01

Percentile

83.7%

Related for VERACODE:24542

cve1 ubuntucve1 cvelist1 prion1 nvd1 debiancve1 nessus18 oraclelinux2 openvas26 ubuntu1 redhat2 securityvulns2 fedora5 centos1 osv1 debian1 gentoo1