Home

CVE-2017-17785

Description

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.366

Associated Vulnerability

VulnerabilityOS Platform
Upgrade gimp 2.8.22 to latest versionWindows
Multiple Vulnerabilities are affected in GIMP 2.8.22Windows
gimp security update(DSA-4077-1) gimp_2.8.18-1+deb9u1_i386.debLinux
gimp security update(DSA-4077-1) gimp_2.8.18-1+deb9u1_amd64.debLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-debuginfo-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-debugsource-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-lang-2.8.18-9.8.1.noarch.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-plugins-python-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) gimp-plugins-python-debuginfo-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) libgimp-2_0-0-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) libgimp-2_0-0-debuginfo-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) libgimpui-2_0-0-2.8.18-9.8.1.x86_64.rpmLinux
SUSE-SU-2020:0601-1(SUSE Linux Enterprise Desktop 12-SP4 ) libgimpui-2_0-0-debuginfo-2.8.18-9.8.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-338143GIMP (2.10.38)
PATCH-338143GIMP (2.10.38)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234