Sorry, no idea what could be causing this. Does your system have unusually large amount of fonts? Which version of Windows 10 you have (1809? 1903? Something else?)

"Code execution vulnerability in GIMP
Updated: 06/01/2019
Detect date
?
07/12/2016
Severity
?
High
Description


Use-after-free vulnerability was found in GIMP. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XCF file.

Technical details

This vulnerability related to xcf_load_image function in app/xcf/xcf-load.c .
Affected products


GIMP versions earlier than 2.8.18
Solution


Update to the latest version
GIMP downloads page
Original advisories


GIMP update new
Impacts
?
ACE
[?]

DoS
[?]
CVE-IDS
?

CVE-2016-49946.8High"

I got this result from a AV scan

Is it something we should be concerned about does anyone know? I don't wan't DOS attacks on my machine

And If so why aren't PC Mark updating the Gimp version?

Originally posted by UL_Jarnis:

Sorry, no idea what could be causing this. Does your system have unusually large amount of fonts? Which version of Windows 10 you have (1809? 1903? Something else?)

i have actually alot of fonts, downloaded from a free homepage... does it affect the test? latest version of W10

It could. Obvious thing to try would be to try to trim the extra fonts.

Originally posted by Cunning Stunts:

"Code execution vulnerability in GIMP
Updated: 06/01/2019
Detect date
?
07/12/2016
Severity
?
High
Description


Use-after-free vulnerability was found in GIMP. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XCF file.

Technical details

This vulnerability related to xcf_load_image function in app/xcf/xcf-load.c .
Affected products


GIMP versions earlier than 2.8.18
Solution


Update to the latest version
GIMP downloads page
Original advisories


GIMP update new
Impacts
?
ACE
[?]

DoS
[?]
CVE-IDS
?

CVE-2016-49946.8High"

I got this result from a AV scan

Is it something we should be concerned about does anyone know? I don't wan't DOS attacks on my machine

And If so why aren't PC Mark updating the Gimp version?

Updating Gimp would affect scores. We generally do not do that.

This vulnerability is very theoretical with PCMark 10 as you do not use the version inside PCMark 10 except to run specific PCMark 10 tests (which have fixed files which they load). Only way this would apply is if you went to manually start the Gimp from inside PCMark 10 install folders and then used that to open a boobytrapped file. So as long as you do not do that and only PCMark 10 itself starts its Gimp, this issue cannot occur.

I see, thank you for clearing that up for me UL_Jarnis

I have exactly the same problem. I haven't installed a lot of extra fonts yet, but Gimp freezes on startup when loading fonts.

Originally posted by Fxlei:

I have exactly the same problem. I haven't installed a lot of extra fonts yet, but Gimp freezes on startup when loading fonts.

Does the same thing occur if you install normal standalone version of GIMP on your system and try to start it?

If it does, it suggests you may have corrupted font present in your system.

I assume it's building some sort of font database. After the 1st loading it takes only a few seconds to load.
I have around 1200 fonts in my system, and the initial loading took about 10 mins. When I check the task manager, there's one thread at full loads and I can see read activities on OS drive.