File Overwrite and Information Disclosure Vulnerability in GIMP by GNOME
CVE-2018-12713
9.1CRITICAL
What is CVE-2018-12713?
GIMP versions prior to 2.10.3 are susceptible to a vulnerability that stems from the improper handling of temporary file names. The g_get_tmp_dir function can produce a filename that already exists, potentially leading to file overwriting or unauthorized reading of file content. An attacker may exploit this flaw through specially crafted inputs, thereby gaining access to private data or disrupting user workflows. This issue highlights the importance of secure file management practices in software development.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved