Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freeimage project freeimage 3.17.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-5684
An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vu...
Freeimage Project Freeimage 3.17.0
5
CVSSv2
CVE-2015-0852
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and previous versions allow remote malicious users to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
Freeimage Project Freeimage
5
CVSSv2
CVE-2019-12211
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
Freeimage Project Freeimage 3.18.0
Canonical Ubuntu Linux 18.04
4.3
CVSSv2
CVE-2019-12213
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
Freeimage Project Freeimage 3.18.0
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
4.3
CVSSv2
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started