CVE 2012-4245
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- BUGTRAQ: 20120816 GIMP Scriptfu...
- MLIST: [oss-security] 2012081...
- MLIST: [oss-security] 2012081...
- MLIST: [oss-security] 2012082...
- MISC: http://www.reactionpen...
- BID: 55089
- CONFIRM: http://www.xerox.com/d...
- GENTOO: GLSA-201603-01
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)