Description: There is a buffer overflow in the script-fu server component of GIMP
(the GNU Image Manipulation Program) in all 2.6 versions (Windows and
Linux versions) affecting both the script-fu console and the script-fu
network server. A crafted msg to the script-fu server overflows a buffer
and overwrites several function pointers allowing the attacker to gain
control of EIP and potentially execute arbitrary code. This issue is
fixed in the latest, stable GIMP version (currently 2.8.0).
Author:
=======
Mzer0 :
http://www.4xsecurityteam.com
http://twitter.com/4xsecurityteam
Tags: Metasploit , pentest , windows ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.