PT-2011-2924 · Gnu+1 · Gimp+1

Jan Lieskovsky · Published 2011-05-31 · Updated 2023-02-13 · CVE-2011-1178

CVSS v2.0: 6.8 Medium

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GIMP versions 2.6.x and earlier

Description

The issue is caused by multiple integer overflows in the load image function in the Personal Computer Exchange (PCX) plugin, which can lead to a denial of service (application crash) or possibly allow execution of arbitrary code. This can be triggered by a crafted PCX image that causes a heap-based buffer overflow.

Recommendations

For GIMP versions 2.6.x and earlier, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, avoid using the PCX plugin to open potentially malicious images until a patch is available.

Fix

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2011-1178
RHSA-2011:0837
RHSA-2011:0838
RHSA-2011_0837
RHSA-2011_0838

Affected Products

Gimp
Red Hat