A commonly stated argument in favour of Open Source software is that "many eyes make bugs shallow" i.e. with a large number of developers reviewing the code bugs should be discovered and fixed with relative ease. Recent examples suggest that this might not be quite true.
Research one of the recent high profile vulnerabilities discovered in Open Source software (Heartbleed, Shellshock, Drupageddon, Dirty Cow, etc.). Provide a report, illustrating the programming flaw involved, the changes required to make the code safe and examining the reasons that the bugs may have existed for so long and methods to prevent future instances of similar bugs.
Your response should be 2000-2500 words in length. It is worth 35% of your final grade.
Please note: do your own research on an Open Source software other than the ones that have been mentioned in the above (i.e., other than Heartbleed, Shellshock, Drupageddon, Dirty Cow) or you have already studied in other subject(s).

Answered 8 days after May 15, 2021

Shubham answered on May 19 2021
125 Votes
About GIMP
    GIMP is a cross-platform image editor and it is open source software. The software can be used by photographers, graphic designers and illustrators. It provides a sophisticated tool to get the job done. It will help in enhancing productivity with the option for customization along with 3rd party plug-ins. The software provides a high quality framework for scripted image manipulation with multi-language support. It provides color management features for ensuring high-fidelity color reproduction across printed and digital media. It is used for workflows that involve free software (Castro et al. 2018). It provides extensibility through integration with programming languages. The result is a high level of customization, as demonstrated by the large number of plug-ins and scripts created by the community.
    GIMP has multiple capabilities and it is used as a simple paint program. It includes an expert quality photo retouching program with an online batch processing system and image format converter. It is extensible and extendable and is designed for augmentation with extensions and plug-ins. It includes an advanced scripting interface that allows development of simple tasks with complex image manipulation procedures (Rocafort Ferrer, 2017). The open source application is used for manipulation and creation of graphical images and runs on Linux. It includes distributed licensing terms that are defined with the GNU project. It offers photo retouching, image authoring and image composition.
The programming flaw involved
    Multiple vulnerabilities have been discovered in GIMP and they can be severe enough to allow remote execution of code. The successful exploitation of the severe vulnerabilities allows remote execution of code in the context of the application. It depends on the privileges associated with the application. Attackers can install programs for changing, deleting and adding data. They can create a new account with full user rights. The configuration of the application can have fewer user rights on the system that can impact the operation of administrative user rights. It allows making a temporary directory for establishing a temporary file name and it can result in a filename that already exists (Duan, 2019). Attackers can leverage this for overwriting files and reading file content that is meant to be kept private. There are multiple stack-based buffer overflows that allow remote attackers to cause a crash and execute arbitrary code with the use of an XWD file. The server does not require authentication and it allows remote attackers to execute arbitrary commands. Integer overflow in Read Image function can allow the attacker in causing denial of the server and it possibly executes the arbitrary code that is crafted with buffer overflow. Heap-buffer overflow can allow attackers in increasing denial of service that can trigger the issue.
    GIMP operations are applied with the active layer and it includes a common problem with layers that are not visible. It is possible that the active layers can be blocked and it provides the visibility of the active layer that is turned on. Flattened images and background layers do not have an alpha channel and it cannot have a layer that includes the problem. It includes the application of alpha channel function from the layer menu. The floating selection is disabled with all other layers till it is anchored with a new layer (Duan et al. 2019). The layer chose the new layer from the layer menu. The issue includes that not all image formats support transparency and layers. It can support the alpha channel that uses Merge Visible Layer function from the layer menu.
Changes required to make the code safe
    Changes that are required to be done include the use of secure code that will provide a better ability for fixing vulnerability. The use of frequent patches and updates can help in inheriting secure information. It will help in development of more secure code and it can have undiscovered vulnerability. The use of security stacks includes investment in technology and process. It will help in mitigation of risk and it provides a security system in the application. The way will help in securing and it will help in working for security threats that are growing sophisticated. The security...
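
An added illustration, not part of the answer above and not GIMP's code: the answer names an integer overflow in an image-reading function that leads to a buffer overflow. The sketch below shows that bug class next to a checked size calculation; the struct, function names and limits are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical header fields read from an untrusted image file. */
struct img_header { uint32_t width, height, bytes_per_pixel; };

#define MAX_DIMENSION   262144u           /* assumed sanity limit per axis */
#define MAX_IMAGE_BYTES ((size_t)1 << 30) /* assumed 1 GiB allocation cap  */

/* Flawed pattern: the 32-bit product wraps, so the buffer is smaller
 * than the rows a decoder would later write into it. */
uint32_t unchecked_size(const struct img_header *h)
{
    return h->width * h->height * h->bytes_per_pixel;
}

/* Safe pattern: validate each field, then check the multiplication
 * before doing it. Returns 0 and sets *out on success, -1 otherwise. */
int checked_size(const struct img_header *h, size_t *out)
{
    if (h->width == 0 || h->height == 0 || h->bytes_per_pixel == 0)
        return -1;
    if (h->width > MAX_DIMENSION || h->height > MAX_DIMENSION ||
        h->bytes_per_pixel > 16)
        return -1;
    size_t row = (size_t)h->width * h->bytes_per_pixel; /* <= 2^22, fits */
    if (row > MAX_IMAGE_BYTES / h->height)
        return -1;                        /* product would exceed the cap */
    *out = row * h->height;
    return 0;
}

int main(void)
{
    struct img_header hostile = { 65536u, 65536u, 4u }; /* constructed */
    struct img_header normal  = { 640u, 480u, 3u };     /* constructed */
    size_t n = 0;
    printf("unchecked hostile size: %u\n", (unsigned)unchecked_size(&hostile));
    printf("checked hostile: %d\n", checked_size(&hostile, &n));
    if (checked_size(&normal, &n) == 0) {
        unsigned char *pixels = malloc(n);
        printf("normal: %zu bytes %s\n", n, pixels ? "allocated" : "failed");
        free(pixels);
    }
    return 0;
}
```

The constructed 65536 x 65536 header makes the unchecked product wrap to 0, which is how a tiny allocation ends up paired with a large write; the checked version rejects it before any memory is requested.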