CVE-2012-3236: CVE-2012-3236

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-3236

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GIMP ‘fit’文件格式拒绝服务漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GIMP（GNU Image Manipulation Program，GNU图像处理程序）是GIMP团队开发的一套跨平台的开源图像处理软件。该软件能够实现多种图像处理，包括照片润饰、图像合成和图像创建等。 GIMP 2.8.1之前版本中的fits-io.c在处理部分FIT格式文件时存在拒绝服务漏洞。攻击者可利用该漏洞通过提供包含特制'XTENSION'头的FIT格式文件，诱使应用程序处理，可导致gimp崩溃。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-3236

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-3236

Please Login to view more intelligence information

https://bugzilla.gnome.org/show_bug.cgi?id=676804x_refsource_CONFIRM
http://git.gnome.org/browse/gimp/commit/plug-ins/file-fits/fits-io.c?id=ace45631595e8781a1420842582d67160097163cx_refsource_CONFIRM
http://www.reactionpenetrationtesting.co.uk/FIT-file-handling-dos.htmlx_refsource_MISC
http://www.securityfocus.com/bid/54246vdb-entryx_refsource_BID
http://www.exploit-db.com/exploits/19482exploitx_refsource_EXPLOIT-DB
http://www.ubuntu.com/usn/USN-1559-1vendor-advisoryx_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDVSA-2013:082vendor-advisoryx_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/76658vdb-entryx_refsource_XF
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.htmlvendor-advisoryx_refsource_SUSE
http://archives.neohapsis.com/archives/bugtraq/2012-06/0192.htmlmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2012-3236

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-3236

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2012-3236

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-3236

III. Intelligence Information for CVE-2012-3236

IV. Related Vulnerabilities

V. Comments for CVE-2012-3236

Leave a comment