CVE-2012-2763 GIMP script-fu Server Buffer Overflow (Metasploit Demo)
There is a buffer overflow in the script-fu server component of GIMP
(the GNU Image Manipulation Program) in all 2.6 versions (Windows and
Linux versions) affecting both the script-fu console and the script-fu
network server. A crafted msg to the script-fu server overflows a buffer
and overwrites several function pointers allowing the attacker to gain
control of EIP and potentially execute arbitrary code. This issue is
fixed in the latest, stable GIMP version (currently 2.8.0).
CVE number: CVE-2012-2763
Impact: high
Author:
=======
Mzer0 :
http://www.4xsecurityteam.com
/ 4xsecurityteam