Gentoo Linux Security Advisory 201209-23 - Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 2.6.12-r2 are affected.
926d432f20f636e85ac0519408b8e94f610b43cc70f07d0dd06875097611ddadThis archive includes two exploits, one metasploit and one not, for the Gimp Script-Fu buffer overflow that affects versions 2.6.11.
e3ee9638af229ed6aa5180a0fb3e878840830b2522da449e5f24b626cf12dc82This Metasploit module exploits a buffer overflow in the script-fu server component on GIMP <= 2.6.12. By sending a specially crafted packet, an attacker may be able to achieve remote code execution under the context of the user. This Metasploit module has been tested on GIMP for Windows from installers provided by Jernej Simoncic.
639458a065dfbd4eece13f18e4a4a8606ca0ea7c1392c33c55adb20317d1bdadThere is a buffer overflow in the script-fu server component of GIMP (the GNU Image Manipulation Program) in all 2.6 versions (Windows and Linux versions) affecting both the script-fu console and the script-fu network server. A crafted msg to the script-fu server overflows a buffer and overwrites several function pointers allowing the attacker to gain control of EIP and potentially execute arbitrary code. Proof of concept code included.
3314be7d12f71ac43757fa38c7b5d582d33d0a31d034dd7a8a87b9037b9edecb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed