PT-2024-13536 · Freeimage+1 · Freeimage+1
Published
2024-01-09
·
Updated
2025-05-14
·
CVE-2023-47996
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
FreeImage version 3.18.0
Description
An integer overflow vulnerability in Exif.cpp::jpeg read exif dir allows attackers to obtain information and cause a denial of service.
Recommendations
For FreeImage version 3.18.0, consider disabling the
jpeg read exif dir function in Exif.cpp as a temporary workaround until a patch is available.Exploit
Fix
DoS
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Freeimage