GNU Image Manipulation Program Multiple Integer Overflow Vulnerabilities

GNU Image Manipulation Program Multiple Integer Overflow Vulnerabilities

GNU Image Manipulation Program (GIMP) is prone to multiple integer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data.

An attacker can exploit these vulnerabilities to execute arbitrary code with the privileges of the user running GIMP. Failed exploit attempts will likely cause denial-of-service conditions.

Versions prior to GIMP 2.2.16 are vulnerable.