Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-47994HistoryJan 09, 2024 - 11:15 p.m.
CVE-2023-47994
2024-01-0923:15:09
Debian Security Bug Tracker
security-tracker.debian.org
8
integer overflow
loadpixeldatarle4
freeimage 3.18.0
denial of service
arbitrary code
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
37.4%
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | freeimage | <= 3.18.0+ds2-9+deb12u1 | freeimage_3.18.0+ds2-9+deb12u1_all.deb |
| Debian | 11 | all | freeimage | <= 3.18.0+ds2-6+deb11u1 | freeimage_3.18.0+ds2-6+deb11u1_all.deb |
| Debian | 999 | all | freeimage | <= 3.18.0+ds2-10 | freeimage_3.18.0+ds2-10_all.deb |
| Debian | 13 | all | freeimage | <= 3.18.0+ds2-10 | freeimage_3.18.0+ds2-10_all.deb |
Related
prion
prion
Integer overflow
2024-01-09 23:15:00
ubuntucve
ubuntucve
CVE-2023-47994
2024-01-09 00:00:00
nvd
nvd
CVE-2023-47994
2024-01-09 23:15:09
cve
cve
CVE-2023-47994
2024-01-09 23:15:09
cvelist
cvelist
CVE-2023-47994
2024-01-09 00:00:00
alpinelinux
alpinelinux
CVE-2023-47994
2024-01-09 23:15:09
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
37.4%
Related for DEBIANCVE:CVE-2023-47994