CVE-2010-4542

Priority
Description
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in
plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows
user-assisted remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a long Foreground field in a
plugin configuration file. NOTE: it may be uncommon to obtain a GIMP
plugin configuration file from an untrusted source that is separate from
the distribution of the plugin itself. NOTE: some of these details are
obtained from third party information.
Notes
Package
Source: gimp (LP Ubuntu Debian)
Upstream: needs-triage
Patches:
Upstream: http://git.gnome.org/browse/gimp/commit/?id=7fb0300e1cfdb98a3bde54dbc73a0f3eda375162
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#stack-protector
More Information

Updated: 2020-09-10 01:39:18 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)