Upstream information
Description
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Novell/SUSE information
Novell Bugzilla entry: 763595 SUSE Security Advisories:- openSUSE-SU-2012:1080-1, published Mon, 3 Sep 2012 11:09:17 +0200 (CEST)
- openSUSE-SU-2012:1131-1, published Fri, 7 Sep 2012 11:08:39 +0200 (CEST)