CVE-2010-4542

Name of the Vulnerable Software and Affected Versions GIMP version 2.6.11

Description The issue is related to a stack-based buffer overflow in the gfig read parameter gimp rgb function, which can be triggered by a long Foreground field in a plugin configuration file. This could allow user-assisted remote attackers to cause a denial of service, resulting in an application crash, or possibly execute arbitrary code. It's worth noting that obtaining a GIMP plugin configuration file from an untrusted source separate from the plugin distribution may be uncommon.

Recommendations For GIMP version 2.6.11, as a temporary workaround, consider restricting the use of the GFIG plugin until a patch is available. Avoid using long Foreground fields in plugin configuration files to minimize the risk of exploitation.