CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
Percentile
88.0%
Updated imlib2 packages fix security vulnerabilities: An out-of-bounds read caused by an off-by-one error in __imlib_MergeUpdate() in src/lib/updates.c in imlib2 1.4.8 and earlier (CVE-2016-3993). An out-of-bounds read from colormap in the GIF loader in imlib2 1.4.8 and earlier can result in denial of service and potential host memory exposure (CVE-2016-3994). Attempting to draw a 2x1 ellipse with e.g. imlib_image_draw_ellipse(x, y, 2, 1) causes a divide-by-zero in imlib2 1.4.8 and earlier, resulting in a denial of service if an application uses the draw command with untrusted input (CVE-2011-5326).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | imlib2 | < 1.4.8-1 | imlib2-1.4.8-1.mga5 |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
Percentile
88.0%