Red Hat Bugzilla – Bug 834627
CVE-2012-3236 gimp: NULL pointer deref crash when reading FIT file with crafted XTENSION header
Last modified: 2016-03-04 06:49:39 EST
A denial of service flaw was found in the way GIMP, GNU Image Manipulation Program, processed certain FIT format files. A remote attacker could provide a FIT format file with specially-crafted value of the 'XTENSION' header that, when opened would cause the gimp executable to crash.
Red Hat would like to thank Joseph Sheridan for reporting this issue.
Upstream bug and commit:
Created gimp tracking bugs for this issue
Affects: fedora-all [bug 836517]
We do not consider a user-assisted crash of a client application such as Gimp to be a security issue.