GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22096.

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0675 advisory.

  - GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22093.
    (CVE-2023-44441)

  - GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-     CAN-22094. (CVE-2023-44442)

  - GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The     specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation     of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22096.
    (CVE-2023-44443)

  - GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote     attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to     exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The     specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one     error when calculating a location to write within a heap-based buffer. An attacker can leverage this     vulnerability to execute code in the context of the current process. Was ZDI-CAN-22097. (CVE-2023-44444)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0675 advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0675 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: dds buffer overflow RCE (CVE-2023-44441)

    * gimp: PSD buffer overflow RCE (CVE-2023-44442)

    * gimp: psp integer overflow RCE (CVE-2023-44443)

    * gimp: psp off-by-one RCE (CVE-2023-44444)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0675 advisory.

    - fix CVE-2023-44441
    - fix CVE-2023-44442
    - fix CVE-2023-44443

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0716 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: dds buffer overflow RCE (CVE-2023-44441)

    * gimp: PSD buffer overflow RCE (CVE-2023-44442)

    * gimp: psp integer overflow RCE (CVE-2023-44443)

    * gimp: psp off-by-one RCE (CVE-2023-44444)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0702 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: dds buffer overflow RCE (CVE-2023-44441)

    * gimp: PSD buffer overflow RCE (CVE-2023-44442)

    * gimp: psp integer overflow RCE (CVE-2023-44443)

    * gimp: psp off-by-one RCE (CVE-2023-44444)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6521-1 advisory.

    It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a     specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of     service, or possibly execute arbitrary code.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5564 advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of gimp installed on the remote host is prior to 2.10.36. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-320-01 advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
196986	Rocky Linux 9 : gimp (RLSA-2024:0675)	Nessus	Rocky Linux Local Security Checks	high
190385	AlmaLinux 9 : gimp (ALSA-2024:0675)	Nessus	Alma Linux Local Security Checks	high
190332	RHEL 9 : gimp (RHSA-2024:0675)	Nessus	Red Hat Local Security Checks	high
190133	Oracle Linux 9 : gimp (ELSA-2024-0675)	Nessus	Oracle Linux Local Security Checks	high
190099	RHEL 9 : gimp (RHSA-2024:0716)	Nessus	Red Hat Local Security Checks	high
190059	RHEL 9 : gimp (RHSA-2024:0702)	Nessus	Red Hat Local Security Checks	high
186446	Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : GIMP vulnerabilities (USN-6521-1)	Nessus	Ubuntu Local Security Checks	medium
186265	Debian DSA-5564-1 : gimp - security update	Nessus	Debian Local Security Checks	high
185902	Slackware Linux 15.0 / current gimp Multiple Vulnerabilities (SSA:2023-320-01)	Nessus	Slackware Local Security Checks	high

Detections

Analytics

CVE-2023-44443

high

Tenable Plugins

high

high

high

high

high

high

medium

high

high