CVE-2015-0852
published 2015-09-29CVE-2015-0852: Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via…
medium5CVSS 3.1
AVNACLAuNCNINAP
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | freeimage | < freeimage 3.15.4-5 (bookworm) | freeimage 3.15.4-5 (bookworm) |
| freeimage_project | freeimage | <= 3.17.0 | — |
| freeimage_project | freeimage | >= 0 < 3.15.4-5 | 3.15.4-5 |
| freeimage_project | freeimage | >= 0 < 3.15.4-5 | 3.15.4-5 |
| freeimage_project | freeimage | >= 0 < 3.15.4-5 | 3.15.4-5 |
| freeimage_project | freeimage | >= 0 < 3.15.4-5 | 3.15.4-5 |
| kmx | alien_freeimage | <= 1.001 | — |
CVSS provenance
nvdv3.17.3HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM