KLA10860
Code execution vulnerability in GIMP
Updated: 05/22/2020
Detect date
07/12/2016
Severity
High
Description

A use-after-free vulnerability was found in GIMP. By exploiting this vulnerability, malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted XCF file.


Technical details

This vulnerability is related to the xcf_load_image function in app/xcf/xcf-load.c.

Affected products

GIMP versions earlier than 2.8.18

Solution

Update to the latest version
GIMP downloads page

Original advisories

GIMP update new

Impacts
ACE 
DoS 
Related products
GIMP
CVE-IDS