Secunia Research has discovered a vulnerability in Gimp, which can be exploited by malicious people to potentially compromise a user’s system. The vulnerability is caused by an integer overflow error within the “ReadImage()” function in plug-ins/file-bmp/bmp-read.c. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted BMP file. Version 2.6.7 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/82698/secunia-gimp.txt
Source: https://packetstormsecurity.com/files/82698/Gimp-BMP-Image-Parsing-Integer-Overflow.html