Denial of Service Vulnerability in Imlib2 by Enlightenment
CVE-2014-9762

7.5HIGH

Key Information:

Vendor
Enlightenment
Status
Imlib2
Vendor
CVE Published:
13 May 2016

Summary

A vulnerability exists in Imlib2 versions prior to 1.4.7 that allows remote attackers to exploit the processing of specially crafted GIF images, leading to a denial of service due to a segmentation fault. This flaw can be triggered by images lacking a colormap, potentially disrupting services and affecting the stability of applications utilizing the library.

References

https://git.enlightenment.org/legacy/imlib2.git/tree/Chan...
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201611-12
vendor-advisoryx_refsource_GENTOO
http://www.debian.org/security/2016/dsa-3537
vendor-advisoryx_refsource_DEBIAN

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2014-9762 : Denial of Service Vulnerability in Imlib2 by Enlightenment | SecurityVulnerability.io