CVE-2020-24295

Опубликовано: 22 авг. 2023

Источник: debian

Описание

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.

Пакеты

Пакет	Статус	Релиз	Тип
freeimage	unfixed		package
freeimage	postponed	trixie	package
freeimage	postponed	bookworm	package
freeimage	postponed	bullseye	package

Примечания

https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
Patch in Fedora (not upstream'ed): https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2020-24295.patch

Связанные уязвимости

CVE-2020-24295

CVSS3: 8.8

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.

CVE-2020-24295

CVSS3: 8.8

nvd

больше 2 лет назад

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.

GHSA-f29h-7mfm-m2h9

CVSS3: 8.8

github

больше 2 лет назад

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.