Detections
Analytics
SuSE 10 Security Update : gimp (ZYPP Patch Number 1920)
medium Nessus Plugin ID 29441
Synopsis
The remote SuSE 10 host is missing a security-related patch.Description
A buffer overflow was fixed in the xcf loader in GIMP that allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property. (CVE-2006-3404)Solution
Apply ZYPP patch number 1920.See Also
Plugin Details
Severity: Medium
ID: 29441
File Name: suse_gimp-1920.nasl
Version: 1.12
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/13/2007
Updated: 1/14/2021
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.5
CVSS v2
Risk Factor: Medium
Base Score: 5.1
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/o:suse:suse_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 7/28/2006
Reference Information
CVE: CVE-2006-3404