CVE-2010-4541

Published: 07 January 2011

Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself.

Priority

Low

Status

Package Release Status
gimp
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Upstream: http://git.gnome.org/browse/gimp/commit/?id=7fb0300e1cfdb98a3bde54dbc73a0f3eda375162
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.