SuSE 10 Security Update : gimp (ZYPP Patch Number 6882)
High Nessus Plugin ID 51747
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionInteger overflows in the BMP and PSD plug-ins potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim to open specially crafted files.
- CVE-2009-3909: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors. (CWE-189).
(CVE-2009-1570: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P)). (- Numeric Errors (CWE-189))
SolutionApply ZYPP patch number 6882.