cbcvebase.
CVE-2016-3994
published 2016-05-13

CVE-2016-3994: The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted…

high8.2CVSS 3.0
AVNACLPRNUINSUCLINAH
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

Affected

10 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debianimlib2< imlib2 1.4.8-1 (bookworm)imlib2 1.4.8-1 (bookworm)
enlightenmentimlib2<= 1.4.8
enlightenmentimlib2>= 0 < 1.4.8-11.4.8-1
enlightenmentimlib2>= 0 < 1.4.8-11.4.8-1
enlightenmentimlib2>= 0 < 1.4.8-11.4.8-1
enlightenmentimlib2>= 0 < 1.4.8-11.4.8-1
enlightenmentimlib2>= 0 < 1.4.6-2ubuntu0.11.4.6-2ubuntu0.1
enlightenmentimlib2>= 0 < 1.4.7-1ubuntu0.11.4.7-1ubuntu0.1

CVSS provenance

nvdv3.08.2HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
osv8.2HIGH