CVE-2016-3994

NONE EPSS 84.6%
Published May 13, 201610y ago · Modified Jun 17, 20262w ago
Find Similar
Published May 13, 2016 10y ago
Last Modified Jun 17, 2026 2w ago

Description

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

Threat Intelligence

EPSS Exploit Probability
84.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 3

VendorProductVersionRange
debiandebian_linux7.0any
debiandebian_linux8.0any
enlightenmentimlib2* ≤1.4.8

References 5

  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html
  • debian.org http://www.debian.org/security/2016/dsa-3555
  • bugs.debian.org https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369
  • git.enlightenment.org https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
  • sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/
    Patch

Remediation

  • sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/
    Patch