Описание
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| freeimage | unfixed | package | ||
| freeimage | postponed | trixie | package | |
| freeimage | postponed | bookworm | package | |
| freeimage | postponed | bullseye | package | |
| freeimage | postponed | buster | package |
Примечания
https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994
https://sourceforge.net/p/freeimage/bugs/359/
EPSS
Связанные уязвимости
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
EPSS