Mandriva Linux Security Advisory 2011-110 - Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow.
2fdbbf771f216ac57653ff70385e0996b57fbad35d9dd3b2bb53e51bd41d7159