CVE-2012-2763
SUSE Linux Enterprise Desktop 11 SP1,SUSE Linux Enterprise Desktop 11 SP2,SUSE Linux Enterprise Software Development Kit 11 SP1,SUSE Linux Enterprise Software Development Kit 11 SP2
CVE-2012-2763, security advisory, novell, suse linux, suse, security, cve

CVE-2012-2763

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-2763 at MITRE

Description

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.48
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 763595 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-devel >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • gimp >= 2.6.2-3.34.35.1
  • gimp-lang >= 2.6.2-3.34.35.1
  • gimp-plugins-python >= 2.6.2-3.34.35.1
sle11-sp2-sdk.ppc
sle11-sp1-sdk.x86
sled11-sp1.x86
sle11-sp2-sdk.s390x
sle11-sp1-sdk.s390x
sled11-sp2.x86-64
sle11-sp1-sdk.ppc
sle11-sp1-sdk.ia64
sle11-sp2-sdk.x86-64
sled11-sp2.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 6542
openSUSE 11.4
  • gimp >= 2.6.11-13.58.1
  • gimp-branding-upstream >= 2.6.11-13.58.1
  • gimp-debuginfo >= 2.6.11-13.58.1
  • gimp-debugsource >= 2.6.11-13.58.1
  • gimp-devel >= 2.6.11-13.58.1
  • gimp-devel-debuginfo >= 2.6.11-13.58.1
  • gimp-help-browser >= 2.6.11-13.58.1
  • gimp-help-browser-debuginfo >= 2.6.11-13.58.1
  • gimp-lang >= 2.6.11-13.58.1
  • gimp-module-hal >= 2.6.11-13.58.1
  • gimp-module-hal-debuginfo >= 2.6.11-13.58.1
  • gimp-plugins-python >= 2.6.11-13.58.1
  • gimp-plugins-python-debuginfo >= 2.6.11-13.58.1
  • libgimp-2_0-0 >= 2.6.11-13.58.1
  • libgimp-2_0-0-32bit >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo-32bit >= 2.6.11-13.58.1
  • libgimp-2_0-0-debuginfo-x86 >= 2.6.11-13.58.1
  • libgimp-2_0-0-x86 >= 2.6.11-13.58.1
  • libgimpui-2_0-0 >= 2.6.11-13.58.1
  • libgimpui-2_0-0-32bit >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo-32bit >= 2.6.11-13.58.1
  • libgimpui-2_0-0-debuginfo-x86 >= 2.6.11-13.58.1
  • libgimpui-2_0-0-x86 >= 2.6.11-13.58.1
Patchnames:
openSUSE-2012-543