ALT-PU-2018-2325-1
Package libfreeimage updated to version 3.18.0-alt1 for branch sisyphus in task 211059.
Closed vulnerabilities
Published: 2015-09-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-0852
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
Severity: MEDIUM (5.0)
References:
- FEDORA-2015-decbab7c9f
- FEDORA-2015-decbab7c9f
- FEDORA-2015-992342e82f
- FEDORA-2015-992342e82f
- FEDORA-2015-16105
- FEDORA-2015-16105
- FEDORA-2015-16104
- FEDORA-2015-16104
- FEDORA-2015-16106
- FEDORA-2015-16106
- DSA-3392
- DSA-3392
- [oss-security] 20150828 CVE-2015-0852 [FreeImage] Integer overflow in PluginPCX.cpp
- [oss-security] 20150828 CVE-2015-0852 [FreeImage] Integer overflow in PluginPCX.cpp
- 1034077
- 1034077
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797165
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797165
- GLSA-201701-68
- GLSA-201701-68
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Published: 2017-01-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-5684
An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability.
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- 93287
- 93287
- http://www.talosintelligence.com/reports/TALOS-2016-0189/
- http://www.talosintelligence.com/reports/TALOS-2016-0189/
- GLSA-201701-68
- GLSA-201701-68
- USN-3925-1
- USN-3925-1
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html