exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2012-2763

Status Candidate

Overview

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

Related Files

Gentoo Linux Security Advisory 201209-23
Posted Sep 28, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-23 - Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 2.6.12-r2 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1570, CVE-2009-3909, CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543, CVE-2011-1178, CVE-2011-2896, CVE-2012-2763, CVE-2012-3402
SHA-256 | 926d432f20f636e85ac0519408b8e94f610b43cc70f07d0dd06875097611ddad
GIMP 2.6 Script-Fu Buffer Overflow
Posted Jun 2, 2012
Authored by 0dem

This archive includes two exploits, one metasploit and one not, for the Gimp Script-Fu buffer overflow that affects versions 2.6.11.

tags | exploit, overflow
systems | linux
advisories | CVE-2012-2763
SHA-256 | e3ee9638af229ed6aa5180a0fb3e878840830b2522da449e5f24b626cf12dc82
GIMP script-fu Server Buffer Overflow
Posted Jun 2, 2012
Authored by juan vazquez, Joseph Sheridan | Site metasploit.com

This Metasploit module exploits a buffer overflow in the script-fu server component on GIMP <= 2.6.12. By sending a specially crafted packet, an attacker may be able to achieve remote code execution under the context of the user. This Metasploit module has been tested on GIMP for Windows from installers provided by Jernej Simoncic.

tags | exploit, remote, overflow, code execution
systems | windows
advisories | CVE-2012-2763, OSVDB-82429
SHA-256 | 639458a065dfbd4eece13f18e4a4a8606ca0ea7c1392c33c55adb20317d1bdad
GIMP 2.6 script-fu Buffer Overflow
Posted May 31, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

There is a buffer overflow in the script-fu server component of GIMP (the GNU Image Manipulation Program) in all 2.6 versions (Windows and Linux versions) affecting both the script-fu console and the script-fu network server. A crafted msg to the script-fu server overflows a buffer and overwrites several function pointers allowing the attacker to gain control of EIP and potentially execute arbitrary code. Proof of concept code included.

tags | exploit, overflow, arbitrary, proof of concept
systems | linux, windows
advisories | CVE-2012-2763
SHA-256 | 3314be7d12f71ac43757fa38c7b5d582d33d0a31d034dd7a8a87b9037b9edecb
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close