Unrated severityNVD Advisory· Published Jan 7, 2011· Updated Apr 29, 2026
CVE-2010-4540
CVE-2010-4540
Description
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- bugs.debian.org/cgi-bin/bugreport.cginvdExploitThird Party Advisory
- openwall.com/lists/oss-security/2011/01/03/2nvdExploitMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/01/04/7nvdExploitMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlnvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201209-23.xmlnvdThird Party Advisory
- www.debian.org/security/2012/dsa-2426nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/64582nvdThird Party AdvisoryVDB Entry
- osvdb.org/70282nvdBroken Link
- secunia.com/advisories/42771nvdBroken Link
- secunia.com/advisories/44750nvdBroken Link
- secunia.com/advisories/48236nvdBroken Link
- secunia.com/advisories/50737nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-0838.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-0839.htmlnvdBroken Link
- www.vupen.com/english/advisories/2011/0016nvdBroken Link
News mentions
0No linked articles in our index yet.