A stack-based buffer overflow flaw was found in the way GIMP, the GNU Image Manipulation Program, performed loading of certain X Window System (XWD) image dumps. A remote attacker could provide a specially-crafted XWD format image file that, when processed, would lead to a gimp XWD plug-in crash or, potentially, arbitrary code execution with the privileges of the user running the gimp executable.
References:
[1] http://www.openwall.com/lists/oss-security/2012/11/21/2
Upstream bug report:
[2] https://bugzilla.gnome.org/show_bug.cgi?id=687392
Relevant patch:
[3] http://git.gnome.org/browse/gimp/commit/?id=0b35f6a082a0b3c372c568ea6bde39a4796acde2
Reproducer:
[4] https://bugzilla.gnome.org/show_bug.cgi?id=687392#c1
This issue affects the versions of the gimp package, as shipped with Red Hat Enterprise Linux 5 and 6.
--
This issue affects the versions of the gimp package, as shipped with Fedora releases 16 and 17. Please schedule an update.
Created gimp tracking bugs for this issue.
Affects: fedora-all [bug 879306]
Created attachment 649873: Local copy of the reproducer image
This issue has been assigned CVE-2012-5576 via: http://www.openwall.com/lists/oss-security/2012/11/27/1
gimp-2.8.4-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Via RHSA-2013:1778 https://rhn.redhat.com/errata/RHSA-2013-1778.html