CVE-2012-3403

EPSS 4.3%

Published: 8/25/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-3403

Description

Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."

Affected packages (1)

Debian/gimpfrom 0, < 2.8.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-3403