>> Fedora Security Update Fixes GIMP Sunras Plugin Command Execution Vulnerability

Title : Fedora Security Update Fixes GIMP Sunras Plugin Command Execution Vulnerability
VUPEN ID : VUPEN/ADV-2007-1693
CVE ID : CVE-2007-2356
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-05-08


Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in GIMP. For additional information, see : VUPEN/ADV-2007-1560

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


References

http://www.vupen.com/english/advisories/2007/1693
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00009.html
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00008.html

ChangeLog

2007-05-08 : Initial release
