Описание
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was deferred |
| cosmic | ignored | end of life |
| devel | deferred | 2019-09-06 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 3.17.0+ds1-5+deb9u1ubuntu0.1~esm1 |
| esm-apps/focal | released | 3.18.0+ds2-1ubuntu3.1 |
| esm-apps/jammy | released | 3.18.0+ds2-6ubuntu5.1 |
| esm-apps/noble | released | 3.18.0+ds2-10build4 |
| esm-apps/xenial | released | 3.17.0+ds1-2ubuntu0.1+esm1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize ...
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3