Forum Thread: Gimp reporting by PSI refers to wrong folder

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
Transparency Gimp reporting by PSI refers to wrong folder
Member 6th Oct, 2012 18:07
Ranking: 29
Posts: 7
User Since: 3rd Mar, 2012
System Score: N/A
Location: US
Last edited on 6th Oct, 2012 18:11

While Gimp uses Python, and the latter may be vulnerable, PSI's reporting of the folder location of where Gimp is installed is false on a Windows x64 install.

This is the first time I've ever seen PSI misreport a folder location since its inception.

This report applies to PSI 2.0, btw.

GIMP should probably be installed within "Program Files(x86)", it actually gets applied to the 64 bit "Program Files" folder.

But PSI thinks it's in the (x86) location.

Even after completely manually uninstalling GIMP from the "Program Files" path, along with the apparently vulnerable "libgtk-win32-2.0-0.dll" file, the rescan of the file claims it still exists in the (x86) location, although it may have never existed there in the first place and no longer exists on the computer in the second place.

Perhaps the previous Gimp 2.6? existed there (x86) and the replacement 2.8 went to the 64bit Program Files location?

Regardless, once installed, PSI still reports a no-longer-existant "libgtk-win32-2.0-0.dll" file.

The non-existence of this file is confirmed by a "SearchEverything" program search on the computer.

This user no longer exists RE: Gimp reporting by PSI refers to wrong folder
Secunia Official 8th Oct, 2012 13:16
When the PSI detects a file/program on a computer it should definitely be there. If in doubt, this entry in the FAQ will help you locate and examine the file.
http://secunia.com/vulnerability_scanning/personal...

It is possible however that we need to update our detection rule for Python. Please send us a software suggestion for that file and make sure to put a link to this thread in the comments.

This FAQ entry describes how to send a software suggestion.
http://secunia.com/vulnerability_scanning/personal...


This thread has been marked as locked.