FreeImage is a cross-platform open source library for supporting popular graphic image formats. An out-of-bounds read vulnerability exists in FreeImage version 3.18.0, which stems from the lack of proper validation of user-supplied data by the component Exif.cpp::ReadInt32, and can be exploited by an attacker to potentially trigger a read beyond the end of the allocated buffer via specially crafted data.
CPE | Name | Operator | Version |
---|---|---|---|
freeimage freeimage | eq | 3.18.0 |