Novell Home

CVE-2012-3236

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3236 at MITRE

Description

fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

SUSE information

SUSE Bugzilla entries: 763595, 768376, 769565

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-devel >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • gimp >= 2.2.10-22.42.1
  • gimp-devel >= 2.2.10-22.42.1
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sled10-sp4.x86
sle10-sp4-sdk.x86-64
sle10-sp4-sdk.ppc
sle10-sp4-sdk.x86
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 8219
openSUSE 11.4
  • gimp >= 2.6.11-13.58.1
  • gimp-branding-upstream >= 2.6.11-13.58.1
  • gimp-debuginfo >= 2.6.11-13.58.1
  • gimp-debugsource >= 2.6.11-13.58.1
  • gimp-devel >= 2.6.11-13.58.1
  • gimp-devel-debuginfo >= 2.6.11-13.58.1
  • gimp-help-browser >= 2.6.11-13.58.1
  • gimp-help-browser-debuginfo >= 2.6.11-13.58.1
  • gimp-lang >= 2.6.11-13.58.1
  • gimp-module-hal >= 2.6.11-13.58.1
  • gimp-module-hal-debuginfo >= 2.6.11-13.58.1
  • gimp-plugins-python >= 2.6.11-13.58.1
  • gimp-plugins-python-debuginfo >= 2.6.11-13.58.1
  • libgimp-2_0-0 >= 2.6.11-13.58.1
  • libgimp-2_0-0-32bit >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo-32bit >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo-x86 >= 2.6.11-13.58.1
  • libgimp-2_0-0-x86 >= 2.6.11-13.58.1
  • libgimpui-2_0-0 >= 2.6.11-13.58.1
  • libgimpui-2_0-0-32bit >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo-32bit >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo-x86 >= 2.6.11-13.58.1
  • libgimpui-2_0-0-x86 >= 2.6.11-13.58.1
Patchnames:
openSUSE-2012-543

© 2015 Novell