Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-21426

Опубликовано: 22 авг. 2023
Источник: debian

Описание

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
freeimageunfixedpackage
freeimagepostponedtrixiepackage
freeimagepostponedbookwormpackage
freeimagepostponedbullseyepackage
freeimagepostponedbusterpackage

Примечания

  • https://sourceforge.net/p/freeimage/bugs/300/

  • it looks like the issue is in openexr. No relevant patches in freeimage are detected

Связанные уязвимости

ubuntu логотип

CVE-2020-21426

CVSS3: 7.8
ubuntu
больше 2 лет назад

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

nvd логотип

CVE-2020-21426

CVSS3: 7.8
nvd
больше 2 лет назад

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

github логотип

GHSA-cwpj-jqfc-p782

CVSS3: 7.8
github
больше 2 лет назад

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.