Bug 824541 (CVE-2012-2763)

Summary: CVE-2012-2763 gimp: Heap-based buffer overflow in the script-fu console by sending overly long arguments to script-fu server
Product: [Other] Security Response
Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: low
Priority: low
Version: unspecified
CC: mkolbas, nphilipp, security-response-team
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2012-05-31 06:43:08 UTC
Bug Blocks: 824560

Description Jan Lieskovsky 2012-05-23 17:30:45 UTC
A heap-based buffer overflow flaw was found in the way the Script-Fu plug-in of Gimp, the GNU Image Manipulation Program, processed certain arguments that have been provided to the TinyScheme console. A remote attacker could provide a specially-crafted Script-Fu script, which, once processed by the plug-ins/script-fu executable, could lead to a script-fu executable crash or, potentially, arbitrary code execution with the privileges of the user running Gimp.

References:
[1] http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
[2] http://www.reactionpenetrationtesting.co.uk/advisories/scriptfubof.c

Comment 3 Jan Lieskovsky 2012-05-23 17:49:27 UTC
Acknowledgements:

Red Hat would like to thank Joseph Sheridan of Reaction Information Security for reporting this issue.

Comment 10 Stefan Cornelius 2012-05-31 06:43:08 UTC
Statement:

The Red Hat Security Response Team has rated this issue as having low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.