CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-3994

HIGH
8.2
CVSS Severity Score
EPSS Score0.0360%
EPSS Percentile13.14th
Published2016年5月13日
Last Modified2026年5月6日

Vulnerability Description

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

Affected Platforms (CPE)

💻
Debian

Debian Linux

= 7.0
💻
Debian

Debian Linux

= 8.0
📦
Enlightenment

Imlib2

<= 1.4.8

References & Advisories

🔗 http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html
🔗 http://www.debian.org/security/2016/dsa-3555
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369
🔗 https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
🔗 https://sourceforge.net/p/enlightenment/mailman/message/35055012/
🔗 http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html
🔗 http://www.debian.org/security/2016/dsa-3555
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369

相關漏洞威脅

CVE-1999-069810.0

Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.

CVE-2026-234628.8

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following t...

CVE-2006-70948.5

ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bi...

CVE-2026-231717.8

In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave a...