Description
A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro
(PSP) image file plug-in. An attacker could create a specially-crafted PSP
image file that, when opened, could cause the PSP plug-in to crash or,
potentially, execute arbitrary code with the privileges of the user running
the GIMP. (CVE-2010-4543)
A stack-based buffer overflow flaw was found in the GIMP's Lightning,
Sphere Designer, and Gfig image filters. An attacker could create a
specially-crafted Lightning, Sphere Designer, or Gfig filter configuration
file that, when opened, could cause the relevant plug-in to crash or,
potentially, execute arbitrary code with the privileges of the user running
the GIMP. (CVE-2010-4540, CVE-2010-4541, CVE-2010-4542)