CVE-2016-4024
NONE EPSS 92.3%
Published May 13, 2016 · Last Modified Jun 17, 2026
Description
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
Threat Intelligence
EPSS Exploit Probability
92.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer · Memory Safety
Affected Products 4
| Vendor | Product | Version | Range |
|---|---|---|---|
| enlightenment | imlib2 | * | ≤1.4.8 |
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 8.0 | any |
| opensuse | opensuse | 13.2 | any |
References 7
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html
- debian.org http://www.debian.org/security/2016/dsa-3555
- securityfocus.com http://www.securityfocus.com/bid/86073
- securitytracker.com http://www.securitytracker.com/id/1035573
- git.enlightenment.org https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
- security.gentoo.org https://security.gentoo.org/glsa/201611-12
- sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/
Remediation
- sourceforge.net https://sourceforge.net/p/enlightenment/mailman/message/35055012/