CVE-2024-28569

Name of the Vulnerable Software and Affected Versions FreeImage version 3.19.0

Description The issue allows a local attacker to execute arbitrary code via the Imf 2 2::Xdr::read() function when reading images in EXR format. This is a Buffer Overflow vulnerability in the open source FreeImage.

Recommendations For FreeImage version 3.19.0, consider disabling the Imf 2 2::Xdr::read() function when handling EXR images until a patch is available. Restrict access to image processing functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.