Novell Home

CVE-2012-2763

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-2763 at MITRE

Description

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 763595

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-devel >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542

© 2014 Novell