CRITICAL🇵🇱 Wersja polska

CVE-2020-12761

CVSS 9.1v3.1pub. 2020-05-09upd. 2024-11-21

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Enlightenment Imlib2

    APP
    Enlightenment
    1.6.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2016-4024CRITICAL9.8ten sam produkt

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code ...

CVE-2024-25450HIGH8.8ten sam produkt

imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().

CVE-2024-25448HIGH8.8ten sam produkt

An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer...

CVE-2024-25447HIGH8.8ten sam produkt

An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap ...

CVE-2011-5326HIGH7.5ten sam produkt

imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application...