CVE-2024-28580

Опубликовано: 20 мар. 2024

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

Пакеты

Пакет	Статус	Релиз	Тип
freeimage	unfixed		package
freeimage	postponed	trixie	package
freeimage	postponed	bookworm	package
freeimage	no-dsa	bullseye	package

Примечания

https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
https://sourceforge.net/p/freeimage/bugs/381/

EPSS

Процентиль: 22%

0.0007

Низкий

Связанные уязвимости

CVE-2024-28580

CVSS3: 8.4

ubuntu

почти 2 года назад

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

CVE-2024-28580

CVSS3: 8.4

nvd

почти 2 года назад

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

GHSA-fcwm-gx7c-6hgc

CVSS3: 8.4

github

почти 2 года назад

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

EPSS

Процентиль: 22%

0.0007

Низкий