Novell Home

CVE-2009-3909

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-3909 at MITRE

Description

Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.

NVD CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 555166, 775429

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise 11 Moblin 2.0
  • gimp-debuginfo >= 2.6.2-3.28.1
  • gimp-debugsource >= 2.6.2-3.28.1
SAT Patch Nr: 2156
SUSE Linux Enterprise 11 Moblin 2.0
  • gimp >= 2.6.2-3.28.1
  • gimp-branding-upstream >= 2.6.2-3.28.1
  • gimp-lang >= 2.6.2-3.28.1
SAT Patch Nr: 2156
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise SDK 10 SP3
  • gimp >= 2.2.10-22.33.1
sle10-sp3-sdk.ia64
sled10-sp3.x86-64
sle10-sp3-sdk.x86
sle10-sp3-sdk.ia64
sle10-sp3-sdk.s390x
sle10-sp3-sdk.x86
sle10-sp3-sdk.ppc
sled10-sp3.x86
sle10-sp3-sdk.x86-64
sle10-sp3-sdk.ppc
sled10-sp3.x86
sle10-sp3-sdk.x86-64
sled10-sp3.x86-64
sle10-sp3-sdk.s390x
ZYPP Patch Nr: 6880
SUSE Linux Enterprise SDK 10 SP2
  • gimp >= 2.2.10-22.32
  • gimp-devel >= 2.2.10-22.32
sled10-sp2.x86-64
sle10-sp2-sdk.ppc
sle10-sp2-sdk.x86
sle10-sp2-sdk.ia64
sled10-sp2.x86
sle10-sp2-sdk.x86-64
sle10-sp2-sdk.s390x
ZYPP Patch Nr: 6882
SUSE Linux Enterprise SDK 10 SP2
  • gimp >= 2.2.10-22.33.1
  • gimp-devel >= 2.2.10-22.33.1
sled10-sp2.x86-64
sle10-sp2-sdk.ppc
sle10-sp2-sdk.x86
sle10-sp2-sdk.ia64
sled10-sp2.x86
sle10-sp2-sdk.x86-64
sle10-sp2-sdk.s390x
ZYPP Patch Nr: 6882
SUSE Linux Enterprise 11 GA DEBUGINFO
  • gimp-debuginfo >= 2.6.2-3.28.1
  • gimp-debugsource >= 2.6.2-3.28.1
sled11.x86
sle11-sdk.x86
sle11-sdk.ppc
sle11-sdk.x86-64
sle11-sdk.s390x
sle11-sdk.ia64
sled11.x86-64
SAT Patch Nr: 2155
SUSE Linux Enterprise SDK 11 GA
  • gimp >= 2.6.2-3.28.1
  • gimp-devel >= 2.6.2-3.28.1
  • gimp-lang >= 2.6.2-3.28.1
  • gimp-plugins-python >= 2.6.2-3.28.1
sled11.x86
sle11-sdk.x86
sle11-sdk.ppc
sle11-sdk.x86-64
sle11-sdk.s390x
sle11-sdk.ia64
sled11.x86-64
SAT Patch Nr: 2155
SUSE Linux Enterprise Desktop 11 GA
  • gimp >= 2.6.2-3.28.1
  • gimp-lang >= 2.6.2-3.28.1
  • gimp-plugins-python >= 2.6.2-3.28.1
sled11.x86
sle11-sdk.x86
sle11-sdk.ppc
sle11-sdk.x86-64
sle11-sdk.s390x
sle11-sdk.ia64
sled11.x86-64
SAT Patch Nr: 2155
SUSE Linux Enterprise 11 Moblin 2.1 DEBUGINFO
  • gimp-debuginfo >= 2.6.2-3.28.1
  • gimp-debugsource >= 2.6.2-3.28.1
SAT Patch Nr: 2157
SUSE Linux Enterprise 11 Moblin 2.1
  • gimp >= 2.6.2-3.28.1
  • gimp-branding-upstream >= 2.6.2-3.28.1
  • gimp-lang >= 2.6.2-3.28.1
SAT Patch Nr: 2157
openSUSE 11.0
  • gimp-debuginfo >= 2.4.5-41.2
  • gimp-debugsource >= 2.4.5-41.2
openSUSE 11.0
  • gimp >= 2.4.5-41.2
  • gimp-branding-upstream >= 2.4.5-41.2
  • gimp-devel >= 2.4.5-41.2
  • gimp-doc >= 2.4.5-41.2
  • gimp-plugins-python >= 2.4.5-41.2
openSUSE 11.2
  • gimp-debuginfo >= 2.6.8-1.1.1
  • gimp-debugsource >= 2.6.8-1.1.1
  • gimp-devel-debuginfo >= 2.6.8-1.1.1
  • gimp-help-browser-debuginfo >= 2.6.8-1.1.1
  • gimp-plugins-python-debuginfo >= 2.6.8-1.1.1
openSUSE 11.2
  • gimp >= 2.6.8-1.1.1
  • gimp-branding-upstream >= 2.6.8-1.1.1
  • gimp-devel >= 2.6.8-1.1.1
  • gimp-help-browser >= 2.6.8-1.1.1
  • gimp-lang >= 2.6.8-1.1.1
  • gimp-plugins-python >= 2.6.8-1.1.1
openSUSE 11.1
  • gimp-debuginfo >= 2.6.2-2.19.1
  • gimp-debugsource >= 2.6.2-2.19.1
openSUSE 11.1
  • gimp >= 2.6.2-2.19.1
  • gimp-branding-upstream >= 2.6.2-2.19.1
  • gimp-devel >= 2.6.2-2.19.1
  • gimp-doc >= 2.6.2-2.19.1
  • gimp-lang >= 2.6.2-2.19.1
  • gimp-plugins-python >= 2.6.2-2.19.1

© 2014 Novell