CVE-2012-5576

Name of the Vulnerable Software and Affected Versions GIMP versions 2.8.2 GIMP version 2.2.13

Description The issue involves multiple stack-based buffer overflows in the X Window Dump (XWD) plug-in, specifically in file-xwd.c, which can be exploited remotely. This can lead to a denial of service (crash) and possibly allow remote attackers to execute arbitrary code via a large color mask in an XWD file, affecting the confidentiality, integrity, and availability of protected information.

Recommendations For GIMP version 2.8.2, consider disabling the XWD plug-in until a patch is available. For GIMP version 2.2.13, restrict access to the XWD file handling functionality to minimize the risk of exploitation. As a temporary workaround, avoid using the XWD plug-in in GIMP until the issue is resolved.