Attack: GIMP BO CVE-2012-2763

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt to exploit a buffer overflow vulnerability in GIMP.

Additional Information

GIMP is a program for manipulating images.

GIMP is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks when processing a specially crafted message. Specifically, the issue affects the 'script-fu' server plugin and exists in the 'readstr_upto()' function of the 'plug-ins/script-fu/tinyscheme/scheme.c' source file.

Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
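The kind of boundary check described above, as an added example that is not GIMP's code or its patch: a read-up-to-delimiter routine that rejects a token too long for its fixed buffer instead of writing past it. The names `cursor`, `read_upto_bounded` and `check_token`, the delimiter set and the sample inputs are all hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
/* Hypothetical input cursor standing in for the interpreter's input port. */
struct cursor { const char *data; size_t len, pos; };

static int next_char(struct cursor *c) {
    return c->pos < c->len ? (unsigned char)c->data[c->pos++] : -1;
}

/* Copy one token into buf, stopping at a delimiter or end of input.
 * Returns its length, or -1 if it does not fit in cap bytes (NUL included). */
static long read_upto_bounded(struct cursor *c, const char *delims,
                              char *buf, size_t cap) {
    size_t n = 0;
    int ch;
    if (cap == 0) return -1;
    while ((ch = next_char(c)) != -1) {
        if (ch != '\0' && strchr(delims, ch) != NULL) {
            c->pos--;                 /* leave the delimiter for the caller */
            break;
        }
        if (n + 1 >= cap) {           /* no room for this byte plus the NUL */
            buf[0] = '\0';            /* reject rather than overflow */
            return -1;
        }
        buf[n++] = (char)ch;
    }
    buf[n] = '\0';
    return (long)n;
}

/* Constructed self-check: parse input into a cap-byte buffer followed by
 * canary bytes. Returns length, -1 on rejection, -2 if a canary changed. */
static long check_token(const char *input, size_t cap) {
    char mem[72];
    struct cursor c = { input, strlen(input), 0 };
    long r;
    if (cap > 64) return -1;
    memset(mem, 0x5A, sizeof mem);
    r = read_upto_bounded(&c, " \n()", mem, cap);
    for (size_t i = cap; i < sizeof mem; i++)
        if (mem[i] != 0x5A) return -2;
    return r;
}

int main(void) {
    return check_token("hello world", 16) == 5 ? 0 : 1;
}
```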

GIMP versions 2.6.12 and prior are vulnerable.


  • GIMP GIMP 2.6.7
  • GIMP GIMP 2.6.6
  • GIMP GIMP 2.6.12
  • GIMP GIMP 2.6.11