GIMP
cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*
- < 3.0.0
A heap buffer overflow vulnerability has been identified in the TGA image file parser of GIMP versions prior to 3.0.0. The parser improperly handles certain TGA files, so an attacker can craft a file that exploits memory management flaws. Exploitation may lead to memory corruption and application crashes, and could potentially allow arbitrary code execution.
Exploitation of this vulnerability causes multiple heap buffer overflows, which can lead to memory corruption and application crashes. Additionally, according to Red Hat, such heap-based buffer overflows could be exploited to execute arbitrary code.