ID CVE-2017-17789
Summary In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
References
Vulnerable Configurations
  • cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*
    cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
CVSS
Base: 6.8 (as of 07-02-2022 - 18:43)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 102898
debian DSA-4077
misc
mlist [debian-lts-announce] 20171223 [SECURITY] [DLA 1220-1] gimp security update
ubuntu USN-3539-1
Last major update 07-02-2022 - 18:43
Published 20-12-2017 - 09:29
Last modified 07-02-2022 - 18:43
Back to Top