CVE-2020-21428

Published: 22/08/2023 Updated: 18/12/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A buffer overflow vulnerability in the LoadRGB function in PluginDDS.cpp in FreeImage 3.18.0 allows remote malicious users to run arbitrary code and cause other impacts via a crafted image file.

Vulnerable Product

freeimage project freeimage 3.18.0

Vendor Advisories

Debian Bug report logs - #1051738: freeimage: CVE-2020-21428
Package: src:freeimage; Maintainer for src:freeimage is Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Mon, 11 Sep 2023 21:15:02 UTC; Severity: grave; Tags: security, upst ...

Multiple vulnerabilities were discovered in FreeImage, a support library for graphics image formats, which could result in the execution of arbitrary code if malformed image files are processed. For the oldstable distribution (bullseye), these problems have been fixed in version 3.18.0+ds2-6+deb11u1. For the stable distribution (bookworm), these pr ...