CVE-2013-1978

Name of the Vulnerable Software and Affected Versions GIMP versions 2.6.9 and earlier gimp-debuginfo version 2.2.13

Description The issue is related to a heap-based buffer overflow in the read xwd cols function in the X Window Dump (XWD) plug-in, which can be exploited by remote attackers using an X Window System (XWD) image dump with more colors than color map entries, potentially leading to a denial of service (crash) and possibly the execution of arbitrary code. Additionally, multiple vulnerabilities in the gimp-debuginfo package may lead to violations of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For GIMP versions 2.6.9 and earlier, update to a version later than 2.6.9 to resolve the issue. For gimp-debuginfo version 2.2.13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.