modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HEnlightenment Imlib2
APPEnlightenment1.6.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
Powiązane podatności
CVE-2016-4024CRITICAL9.8ten sam produkt
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code ...
CVE-2024-25450HIGH8.8ten sam produkt
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
CVE-2024-25448HIGH8.8ten sam produkt
An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer...
CVE-2024-25447HIGH8.8ten sam produkt
An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap ...
CVE-2011-5326HIGH7.5ten sam produkt
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application...