CVE-2007-2356

Common Vulnerabilities and Exposures

Upstream information

CVE-2007-2356 at MITRE

Description

Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 270506

SUSE Security Advisories:

List of released packages

| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE LINUX 10.0 | gimp-unstable >= 2.3.3-5.5 | |
| SUSE LINUX 10.1 | gimp-unstable >= 2.3.7-17.5 | |
| openSUSE 10.2 | gimp-unstable >= 2.3.11-51.1 | |
| SLE SDK 10 SP1 for IBM iSeries and IBM pSeries; SLE SDK 10 SP1 for IBM zSeries; SLE SDK 10 SP1 for IPF; SLE SDK 10 SP1 for X86-64; SLE SDK 10 SP1 for x86; SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T; SUSE Linux Enterprise Desktop 10 SP1 for x86 | gimp >= 2.2.10-22.8.3 | core9.s390; core9.x86; YOU Patch Nr: 11511; ZYPP Patch Nr: 3283 |
| SuSE Linux Desktop 1.0 | gimp >= 1.2.3-544 | core9.s390; core9.x86; YOU Patch Nr: 11511; ZYPP Patch Nr: 3283 |
| Novell Linux Desktop 9 SDK for x86; Novell Linux Desktop 9 SDK for x86_64; Novell Linux Desktop 9 for x86; Novell Linux Desktop 9 for x86_64 | gimp >= 2.0.2-1.7 | core9.s390; core9.x86; YOU Patch Nr: 11511; ZYPP Patch Nr: 3283 |
| SLES SDK 9 for IBM S/390 and IBM zSeries; SLES SDK 9 for IBM iSeries and IBM pSeries; SLES SDK 9 for IBM zSeries; SLES SDK 9 for IPF; SLES SDK 9 for X86-64; SLES SDK 9 for x86 | gimp >= 2.0.0-16.11 | core9.s390; core9.x86; YOU Patch Nr: 11511; ZYPP Patch Nr: 3283 |
| SUSE LINUX 10.0 | gimp >= 2.2.8-6.6 | |
| SUSE LINUX 10.1 | gimp >= 2.2.10-22.8.3 | |
| openSUSE 10.2 | gimp >= 2.2.13-31 | |

© 2012 Novell