CVE-2016-3994
NONE EPSS 84.6%
Published May 13, 201610y ago · Modified Jun 17, 20262w ago
Published May 13, 2016 10y ago
Last Modified Jun 17, 2026 2w ago
Description
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
Threat Intelligence
EPSS Exploit Probability
84.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 3
| Vendor | Product | Version | Range |
|---|---|---|---|
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 8.0 | any |
| enlightenment | imlib2 | * | ≤1.4.8 |
References 5
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html
- debian.org http://www.debian.org/security/2016/dsa-3555
- bugs.debian.org https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369
- git.enlightenment.org https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
- sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/
Remediation
- sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/