CVE-2012-3236
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
Date published : 2012-07-12
http://www.securityfocus.com/bid/54246
http://archives.neohapsis.com/archives/bugtraq/2012-06/0192.html