This Metasploit module exploits a vulnerability found in ispVM System 18.0.2. Due to the way ispVM handles .xcf files, it is possible to cause a buffer overflow with a specially crafted file, when a long value is supplied for the version attribute of the ispXCF tag. It results in arbitrary code execution under the context of the user.
dd306ebaa1dbb06e60f50cd822da5c809e6e45d3a3bec14bed35322b5703fd6a