PT-2013-1157 · Gnu+3 · Gimp+3

Published: 2013-12-03 · Updated: 2023-02-13 · CVE-2013-1913

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

GIMP versions 2.6.9 and earlier

Description

The issue is related to an integer overflow in the load image function in the X Window Dump (XWD) plug-in. This can be triggered by a large color entries value in an X Window System (XWD) image dump, potentially allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. The vulnerability can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information.

Recommendations

For GIMP versions 2.6.9 and earlier, consider updating to a version that uses glib 2.24 or later to mitigate the risk. As a temporary workaround, consider restricting the use of the XWD plug-in or avoiding the processing of untrusted XWD image dumps until a patch is available.
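The overflow class named in the description, shown as an added example (this is not GIMP's code): a byte count derived from an untrusted color-entries field wraps in 32-bit arithmetic unless the count is bounded first. The record layout, the MAX_COLORMAP_ENTRIES cap and both function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed for this example: one colormap record as stored in the dump file. */
typedef struct {
    uint32_t pixel;
    uint16_t red, green, blue;
    uint8_t  flags, pad;
} xwd_color_t;                      /* 12 bytes with this layout */

/* Policy cap chosen for this example; not a value taken from GIMP. */
#define MAX_COLORMAP_ENTRIES 65536u

/* The flawed pattern: count * record size in 32 bits wraps modulo 2^32,
 * so a very large count can yield a very small allocation size. */
uint32_t unchecked_colormap_bytes(uint32_t entries)
{
    return entries * (uint32_t)sizeof(xwd_color_t);
}

/* The hardened pattern: bound the untrusted count first, then multiply in a
 * wider type. Returns the byte count, or -1 if the header must be rejected. */
int64_t checked_colormap_bytes(uint32_t entries)
{
    if (entries > MAX_COLORMAP_ENTRIES)
        return -1;
    return (int64_t)entries * (int64_t)sizeof(xwd_color_t);
}

int main(void)
{
    /* Constructed sample counts: an ordinary palette and one that wraps. */
    const uint32_t samples[] = { 256u, 0x15555556u };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        printf("entries=%u unchecked=%u checked=%lld\n",
               (unsigned)samples[i],
               (unsigned)unchecked_colormap_bytes(samples[i]),
               (long long)checked_colormap_bytes(samples[i]));
    }
    return 0;
}
```

A loader that sizes its buffer from the unchecked result and then reads the full entry count writes past the end of that buffer, which is why the count has to be rejected before any allocation.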

Fix

DoS

Integer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2015-06187
BDU:2015-08911
CESA-2013_1778
CVE-2013-1913
DSA-2813-1
MGASA-2013-0365
RHSA-2013:1778
RHSA-2013_1778

Affected Products

CentOS
GIMP
Red Hat
SUSE