CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.
References
Link Resource
https://sourceforge.net/p/freeimage/bugs/355/ Permissions Required
https://www.openwall.com/lists/oss-security/2024/04/11/10 Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*

History

25 Sep 2024, 14:57

Type Values Removed Values Added
First Time Freeimage Project freeimage
Freeimage Project
CWE CWE-787
References () https://sourceforge.net/p/freeimage/bugs/355/ - () https://sourceforge.net/p/freeimage/bugs/355/ - Permissions Required
References () https://www.openwall.com/lists/oss-security/2024/04/11/10 - () https://www.openwall.com/lists/oss-security/2024/04/11/10 - Mailing List, Third Party Advisory
CPE cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*

23 Sep 2024, 18:35

Type Values Removed Values Added
CWE CWE-121
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

20 Sep 2024, 12:30

Type Values Removed Values Added
Summary
  • (es) libfreeimage en FreeImage 3.4.0 a 3.18.0 tiene un desbordamiento de búfer basado en pila en la función de carga PluginXPM.cpp a través de un archivo XPM.

19 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-19 17:15

Updated : 2024-09-25 14:57


NVD link : CVE-2024-31570

Mitre link : CVE-2024-31570

CVE.ORG link : CVE-2024-31570


JSON object : View

Products Affected

freeimage_project

  • freeimage
CWE
CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow