Buffer Overflow in GIMP 2.6.12 and Earlier Allows Remote Code Execution

Buffer Overflow in GIMP 2.6.12 and Earlier Allows Remote Code Execution

CVE-2012-2763 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

Learn more about our Cis Benchmark Audit For Server Software.