oss-sec mailing list archives
The Gimp CEL plug-in CVE-2012-3403 issue
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 20 Aug 2012 08:29:49 -0400 (EDT)
Hello vendors, see below a report about the GIMP's CEL plug-in CVE-2012-3403 issue: ---------------------------------------------------------------------- Summary: Gimp (CEL plug-in): heap buffer overflow when loading external palette files CVE: CVE-2012-3403 Description: A heap-based buffer overflow flaw, leading to invalid free, was found in the way KiSS CEL file format plug-in of Gimp, the GNU Image Manipulation Program, performed loading of certain palette files. A remote attacker could provide a specially-crafted KiSS palette file that, when opened in Gimp would cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the gimp executable. CVSSv2: 6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P Affected versions: All up to the latest upstream one Patch: ------ See https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3403 https://bugzilla.redhat.com/show_bug.cgi?id=839020#c19 for patchset covering upstream v2.2.x, v2.6.x, v2.8.x, and current master branch versions. Credit: 1, Issue found by: Murray McAllister, Red Hat Security Response Team 2, Reproducer by: Murray McAllister, Red Hat Security Response Team ---------------------------------------------------------------------- Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- The Gimp CEL plug-in CVE-2012-3403 issue Jan Lieskovsky (Aug 20)