CVE-2016-5684

Published: 06/01/2017 Updated: 28/03/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

An out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could overwrite arbitrary memory, resulting in code execution.

Vulnerable Product

freeimage project freeimage 3.17.0

Vendor Advisories

FreeImage could be made to crash or run programs as your login if it opened a specially crafted file ...
Debian Bug report logs - #839827 freeimage: CVE-2016-5684. Package: src:freeimage; Maintainer for src:freeimage is Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 5 Oct 2016 13:09:01 UTC; Severity: grave; Tags: security, u ...
Multiple vulnerabilities were discovered in the FreeImage multimedia library, which might result in denial of service or the execution of arbitrary code if a malformed XMP or RAW image is processed. For the stable distribution (jessie), these problems have been fixed in version 3.15.4-4.2+deb8u1. For the testing distribution (stretch), these proble ...