Published: 12 July 2012
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
The vast majority of gimp installs will not be using the script-fu network server
The script-fu network server should not be used in untrusted environments. We are not going to fix this, marking as ignored.