Search for vulnerabilities
Vulnerability details: VCID-kcrs-j7v9-aaad
Vulnerability ID VCID-kcrs-j7v9-aaad
Aliases CVE-2007-3741
Summary The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0513
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01431 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01551 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01551 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.01808 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
epss 0.0184 https://api.first.org/data/v1/epss?cve=CVE-2007-3741
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=248053
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2007-3741
Reference id Reference type URL
http://osvdb.org/42128
http://osvdb.org/42129
http://osvdb.org/42130
http://osvdb.org/42131
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3741.json
https://api.first.org/data/v1/epss?cve=CVE-2007-3741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3741
http://secunia.com/advisories/26575
http://secunia.com/advisories/26939
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10099
http://www.mandriva.com/security/advisories?name=MDKSA-2007:170
http://www.redhat.com/support/errata/RHSA-2007-0513.html
http://www.securityfocus.com/bid/25424
248053 https://bugzilla.redhat.com/show_bug.cgi?id=248053
CVE-2007-3741 https://nvd.nist.gov/vuln/detail/CVE-2007-3741
RHSA-2007:0513 https://access.redhat.com/errata/RHSA-2007:0513
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-3741
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.85505
EPSS Score 0.01288
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.