CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-12761

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile32.35th
Published2020年5月9日
Last Modified2024年11月21日

Vulnerability Description

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

Affected Platforms (CPE)

📦
Enlightenment

Imlib2

= 1.6.0

References & Advisories

🔗 https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63
🔗 https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63

相關漏洞威脅

CVE-2008-607910.0

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4...

CVE-2016-40249.8

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions...

CVE-2008-24269.3

Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of serv...

CVE-2016-39948.2

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive...