| 2 | |
| 3 | |
| 4 | {{{ |
| 5 | |
| 6 | |
| 7 | We are releasing GIMP 2.8.18 to fix a vulnerability in the XCF loading code (CVE-2016-4994). With special XCF files, GIMP can be caused to crash, and possibly be made to execute arbitrary code provided by the attacker. |
| 8 | |
| 9 | This release includes additional bug fixes since 2.8.16. An important change has happened to the initial startup experience on Microsoft Windows and OS X platforms - any “GIMP is not responding” errors encountered there should be gone. |
| 10 | |
| 11 | The source code for GIMP 2.8.18 is available from our downloads page; pre-built packages for Microsoft Windows and OS X will follow shortly. |
| 12 | }}} |
| 13 | |
| 14 | |
| 15 | {{{ |
| 16 | Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. |
| 17 | }}} |
| 18 | |
| 19 | |
| 20 | {{{ |
| 21 | Impact |
| 22 | CVSS Severity (version 3.0): |
| 23 | CVSS v3 Base Score: 7.8 High |
| 24 | Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 25 | Impact Score: 5.9 |
| 26 | Exploitability Score: 1.8 |
| 27 | CVSS Version 3 Metrics: |
| 28 | Attack Vector (AV): Local |
| 29 | Attack Complexity (AC): Low |
| 30 | Privileges Required (PR): None |
| 31 | User Interaction (UI): Required |
| 32 | Scope (S): Unchanged |
| 33 | Confidentiality (C): High |
| 34 | Integrity (I): High |
| 35 | Availability (A): High |
| 36 | }}} |