Tianyu Chen

#9945of 53,638
27.7Total CVSS
Vulnerabilities · 5
Low
1
Medium
4
PT-2024-22464
6.8
2024-03-19
Freeimage · Freeimage · CVE-2024-28562
**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.19.0 [r1909] **Description** The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the `Imf 2 2::copyIntoFrameBuffer()` component when reading images in EXR format. **Recommendations** For FreeImage version 3.19.0 [r1909], as a temporary workaround, consider disabling the `Imf 2 2::copyIntoFrameBuffer()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-22465
5.9
2024-03-19
Freeimage · Freeimage · CVE-2024-28563
**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.19.0 **Description** A Buffer Overflow issue allows a local attacker to cause a denial of service (DoS) when reading images in EXR format via the `Imf 2 2::DwaCompressor::Classifier::Classifier()` function. **Recommendations** For FreeImage version 3.19.0, as a temporary workaround, consider disabling the `Imf 2 2::DwaCompressor::Classifier::Classifier()` function when handling EXR images until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-22466
6.2
2024-03-19
Freeimage · Freeimage · CVE-2024-28564
**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.19.0 [r1909] **Description** The issue allows a local attacker to cause a denial of service (DoS) via the `Imf 2 2::CharPtrIO::readChars()` function when reading images in EXR format. **Recommendations** For FreeImage version 3.19.0 [r1909], consider disabling the `Imf 2 2::CharPtrIO::readChars()` function when reading images in EXR format as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-22467
5.5
2024-03-19
Freeimage · Freeimage · CVE-2024-28565
**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.19.0 [r1909] **Description** The issue is a buffer overflow that allows a local attacker to cause a denial of service (DoS) when reading images in PSD format through the `psdParser::ReadImageData()` function. **Recommendations** For FreeImage version 3.19.0 [r1909], as a temporary workaround, consider disabling the `psdParser::ReadImageData()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-22488
3.3
2024-03-19
Freeimage · Freeimage · CVE-2024-28584
**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.19.0 **Description** The issue allows a local attacker to cause a denial of service (DoS) via the `J2KImageToFIBITMAP()` function when reading images in J2K format. This is a Null Pointer Dereference issue. **Recommendations** For FreeImage version 3.19.0, as a temporary workaround, consider disabling the `J2KImageToFIBITMAP()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.