Nils Philippsen

**Name of the Vulnerable Software and Affected Versions** GIMP version 2.6.11 **Description** The issue is related to a heap-based buffer overflow in the read channel data function in the Paint Shop Pro (PSP) plugin. This can be triggered by a PSP COMP RLE (aka RLE compression) image file that begins a long run count at the end of the image, potentially allowing remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. **Recommendations** For GIMP version 2.6.11, consider disabling the PSP plugin until a patch is available to prevent potential exploitation. Restrict access to image files using the PSP COMP RLE compression to minimize the risk of a denial of service or arbitrary code execution.