Oracle Solaris Third-Party Patch Update : gimp (cve_2012_2763_buffer_overflow)
High Nessus Plugin ID 80619
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/ scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server. (CVE-2012-2763)
SolutionUpgrade to Solaris 11/11 SRU 11.4.