CVE-2024-28566

Name of the Vulnerable Software and Affected Versions FreeImage version 3.19.0

Description The issue allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format. This is a Buffer Overflow vulnerability.

Recommendations For FreeImage version 3.19.0, as a temporary workaround, consider disabling the AssignPixel() function until a patch is available. Restrict access to TIFF image reading functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.