CVE-2012-4245

The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.

Date published : 2012-08-31

http://www.securityfocus.com/bid/55089

http://archives.neohapsis.com/archives/bugtraq/2012-08/0106.html