CVE-2020-24293

Опубликовано: 22 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.

Пакеты

Пакет	Статус	Релиз	Тип
freeimage	unfixed		package
freeimage	postponed	trixie	package
freeimage	postponed	bookworm	package
freeimage	postponed	bullseye	package

Примечания

https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
Patch in Fedora (not upstream'ed): https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2020-24293.patch

EPSS

Процентиль: 79%

0.01207

Низкий

Связанные уязвимости

CVE-2020-24293

CVSS3: 8.8

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.

CVE-2020-24293

CVSS3: 8.8

nvd

больше 2 лет назад

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.

GHSA-3r68-3m37-942g

CVSS3: 8.8

github

больше 2 лет назад

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.

EPSS

Процентиль: 79%

0.01207

Низкий