Novell Home

CVE-2012-5576

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-5576 at MITRE

Description

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 791372

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP3 DEBUGINFO
  • gimp-debuginfo >= 2.6.2-3.34.45.1
  • gimp-debugsource >= 2.6.2-3.34.45.1
Builds
SAT Patch Nr: 8856
SUSE Linux Enterprise Software Development Kit 11 SP3
  • gimp >= 2.6.2-3.34.45.1
  • gimp-devel >= 2.6.2-3.34.45.1
  • gimp-lang >= 2.6.2-3.34.45.1
  • gimp-plugins-python >= 2.6.2-3.34.45.1
Builds
SAT Patch Nr: 8856
SUSE Linux Enterprise Desktop 11 SP3
  • gimp >= 2.6.2-3.34.45.1
  • gimp-lang >= 2.6.2-3.34.45.1
  • gimp-plugins-python >= 2.6.2-3.34.45.1
Builds
SAT Patch Nr: 8856

© 2014 Novell