KLA10860
Code execution vulnerability in GIMP
Обновлено: 17/06/2019
Дата обнаружения
12/07/2016
Уровень угрозы
High
Описание

Use-after-free vulnerability was found in GIMP. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XCF file.


Technical details

This vulnerability related to xcf_load_image function in app/xcf/xcf-load.c .

Пораженные продукты

GIMP versions earlier than 2.8.18

Решение

Update to the latest version
GIMP downloads page

Первичный источник обнаружения
GIMP update new
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
GIMP
CVE-IDS