Debian Security Advisory
DLA-327-1 freeimage -- LTS security update
- Date Reported:
- 18 Oct 2015
- Affected Packages:
- freeimage
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-0852.
- More information:
-
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.