CVE-2010-4541

Name of the Vulnerable Software and Affected Versions GIMP version 2.6.11

Description The issue is a stack-based buffer overflow in the loadit function in the SPHERE DESIGNER plugin. This can be exploited by user-assisted remote attackers via a long "Number of lights" field in a plugin configuration file, potentially leading to a denial of service (application crash) or possibly the execution of arbitrary code.

Recommendations For GIMP version 2.6.11, consider disabling the SPHERE DESIGNER plugin until a patch is available to prevent potential exploitation. Avoid using the "Number of lights" field in the plugin configuration file with untrusted input.