Home

CVE-2012-3236

Description

fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
9.325

Associated Vulnerability

VulnerabilityOS Platform
Upgrade gimp 2.8.0 to latest versionWindows
Multiple Vulnerabilities are affected in GIMP 2.6.11Windows
Multiple Vulnerabilities are affected in GIMP 2.6.8Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-338143GIMP (2.10.38)
PATCH-338143GIMP (2.10.38)
PATCH-338143GIMP (2.10.38)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234