Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2006-3404

Back to Search

SUSE Linux Security Vulnerability: CVE-2006-3404

Severity
5
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Published
07/06/2006
Created
07/25/2018
Added
02/17/2015
Modified
07/04/2017

Description

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.

Solution(s)

  • suse-upgrade-cairo
  • suse-upgrade-cairo-32bit
  • suse-upgrade-cairo-64bit
  • suse-upgrade-cairo-devel
  • suse-upgrade-cairo-doc
  • suse-upgrade-cairo-x86
  • suse-upgrade-control-center2
  • suse-upgrade-control-center2-devel
  • suse-upgrade-eel
  • suse-upgrade-eel-32bit
  • suse-upgrade-eel-64bit
  • suse-upgrade-eel-devel
  • suse-upgrade-eel-x86
  • suse-upgrade-evolution-data-server
  • suse-upgrade-evolution-data-server-32bit
  • suse-upgrade-evolution-data-server-64bit
  • suse-upgrade-evolution-data-server-devel
  • suse-upgrade-evolution-data-server-x86
  • suse-upgrade-ghex
  • suse-upgrade-gimp
  • suse-upgrade-gimp-devel
  • suse-upgrade-gnome-applets
  • suse-upgrade-gnome-applets-devel
  • suse-upgrade-gnome-cups-manager
  • suse-upgrade-gnome-cups-manager-devel
  • suse-upgrade-gnome-desktop
  • suse-upgrade-gnome-desktop-32bit
  • suse-upgrade-gnome-desktop-64bit
  • suse-upgrade-gnome-desktop-devel
  • suse-upgrade-gnome-desktop-x86
  • suse-upgrade-gnome-keyring
  • suse-upgrade-gnome-keyring-32bit
  • suse-upgrade-gnome-keyring-64bit
  • suse-upgrade-gnome-keyring-devel
  • suse-upgrade-gnome-keyring-x86
  • suse-upgrade-gnome-main-menu
  • suse-upgrade-gnome-main-menu-devel
  • suse-upgrade-gnome-menus
  • suse-upgrade-gnome-menus-32bit
  • suse-upgrade-gnome-menus-64bit
  • suse-upgrade-gnome-menus-devel
  • suse-upgrade-gnome-menus-x86
  • suse-upgrade-gnome-panel-nld
  • suse-upgrade-gnome-panel-nld-32bit
  • suse-upgrade-gnome-panel-nld-64bit
  • suse-upgrade-gnome-panel-nld-devel
  • suse-upgrade-gnome-panel-nld-doc
  • suse-upgrade-gnome-panel-nld-x86
  • suse-upgrade-gnome-vfs2
  • suse-upgrade-gnome-vfs2-32bit
  • suse-upgrade-gnome-vfs2-64bit
  • suse-upgrade-gnome-vfs2-devel
  • suse-upgrade-gnome-vfs2-doc
  • suse-upgrade-gnome-vfs2-x86
  • suse-upgrade-gstreamer010
  • suse-upgrade-gstreamer010-32bit
  • suse-upgrade-gstreamer010-64bit
  • suse-upgrade-gstreamer010-devel
  • suse-upgrade-gstreamer010-doc
  • suse-upgrade-gstreamer010-x86
  • suse-upgrade-gtk2
  • suse-upgrade-gtk2-32bit
  • suse-upgrade-gtk2-64bit
  • suse-upgrade-gtk2-devel
  • suse-upgrade-gtk2-devel-64bit
  • suse-upgrade-gtk2-doc
  • suse-upgrade-gtk2-x86
  • suse-upgrade-gtkhtml2
  • suse-upgrade-gtkhtml2-devel
  • suse-upgrade-intltool
  • suse-upgrade-libgnomedb
  • suse-upgrade-libgnomedb-devel
  • suse-upgrade-libgnomesu
  • suse-upgrade-libgnomesu-devel
  • suse-upgrade-libgnomeui
  • suse-upgrade-libgnomeui-32bit
  • suse-upgrade-libgnomeui-64bit
  • suse-upgrade-libgnomeui-devel
  • suse-upgrade-libgnomeui-doc
  • suse-upgrade-libgnomeui-x86
  • suse-upgrade-libgsf
  • suse-upgrade-libgsf-32bit
  • suse-upgrade-libgsf-64bit
  • suse-upgrade-libgsf-devel
  • suse-upgrade-libgsf-doc
  • suse-upgrade-libgsf-gnome
  • suse-upgrade-libgsf-x86
  • suse-upgrade-libsoup
  • suse-upgrade-libsoup-32bit
  • suse-upgrade-libsoup-64bit
  • suse-upgrade-libsoup-devel
  • suse-upgrade-libsoup-devel-32bit
  • suse-upgrade-libsoup-devel-64bit
  • suse-upgrade-libsoup-x86
  • suse-upgrade-mozilla-nspr
  • suse-upgrade-mozilla-nspr-32bit
  • suse-upgrade-mozilla-nspr-64bit
  • suse-upgrade-mozilla-nspr-devel
  • suse-upgrade-mozilla-nspr-x86
  • suse-upgrade-nautilus
  • suse-upgrade-nautilus-32bit
  • suse-upgrade-nautilus-64bit
  • suse-upgrade-nautilus-devel
  • suse-upgrade-nautilus-x86
  • suse-upgrade-vte
  • suse-upgrade-vte-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;