cpe:/a:gnu:gimp:2.6.11 CVE-2010-4542 2011-01-07T15:00:05.093-05:00 2018-07-20T21:29:00.583-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-01-10T12:46:00.000-05:00 SECUNIA 42771 SECUNIA 44750 SECUNIA 48236 SECUNIA 50737 OSVDB 70283 VUPEN ADV-2011-0016 DEBIAN DSA-2426 GENTOO GLSA-201209-23 MANDRIVA MDVSA-2011:103 REDHAT RHSA-2011:0838 REDHAT RHSA-2011:0839 SUSE SUSE-SR:2011:005 MLIST [oss-security] 20110103 CVE request for buffer overflows in gimp MLIST [oss-security] 20110104 Re: CVE request for buffer overflows in gimp MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=666793 Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.