CVE-2014-9771

10 documents7 sources
Severity
7.5HIGH
EPSS
1.2%
top 21.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Enlightenment Imlib2Debian Debian Linux
Timeline
PublishedMay 13
Latest updateMay 17

Description

Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

โ–ถDebianimlib2< 1.4.7-1+3
โ–ถNVDenlightenment/imlib21.4.6

Also affects: Debian Linux 7.0, 8.0

๐Ÿ”ดVulnerability Details

4
GHSA
GHSA-55hr-p72p-7xmw: Integer overflow in imlib2 before 1โ†—2022-05-17
โ–ถ
OSV
imlib2 vulnerabilitiesโ†—2016-09-09
โ–ถ
CVEList
CVE-2014-9771: Integer overflow in imlib2 before 1โ†—2016-05-13
โ–ถ
OSV
CVE-2014-9771: Integer overflow in imlib2 before 1โ†—2016-05-13
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Ubuntu
Imlib2 vulnerabilitiesโ†—2016-09-09
โ–ถ
Debian
CVE-2014-9771: imlib2 - Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denia...โ†—2014
โ–ถ

๐Ÿ’ฌCommunity

3
Bugzilla
CVE-2014-9771 imlib2: exploitable integer overflow in _imlib_SaveImageโ†—2016-04-07
โ–ถ
Bugzilla
CVE-2014-9771 imlib2: exploitable integer overflow in _imlib_SaveImage [epel-7]โ†—2016-04-07
โ–ถ
Bugzilla
CVE-2014-9771 imlib2: exploitable integer overflow in _imlib_SaveImage [epel-6]โ†—2016-04-07
โ–ถ