Full Disclosure mailing list archives
rPSA-2006-0135-1 gimp
From: "Justin M. Forbes" <jmforbes () rpath com>
Date: Mon, 24 Jul 2006 17:04:24 -0400
rPath Security Advisory: 2006-0135-1 Published: 2006-07-24 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: User Deterministic Privilege Escalation Updated Versions: gimp=/conary.rpath.com@rpl:devel//1/2.2.8-8.2-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 https://issues.rpath.com/browse/RPL-522 Description: Previous versions of the gimp package are vulnerable to an attack in which an intentionally corrupted XCF file (the native gimp file format) could cause the gimp to crash or to execute code supplied in the XCF file by the attacker. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2006-0135-1 gimp Justin M. Forbes (Jul 24)