Buffer Overflow Vulnerability in FreeImage by FreeImage Developers
CVE-2024-28573

Currently unrated

Key Information:

Vendor: FreeImage Developers
Status: FreeImage
Vendor: CVE Published:; 20 March 2024

🔔 Create FreeImage Developers Vulnerability Alert

What is CVE-2024-28573?

A buffer overflow vulnerability exists in FreeImage version 3.19.0 [r1909], which can be exploited by a local attacker to create a denial of service (DoS) condition. This vulnerability arises from improper handling in the jpeg_read_exif_profile() function when processing images in JPEG format. Attackers can craft malicious JPEG images that, once processed, lead to unexpected application behavior and potential crashes, significantly affecting the functionality of applications using FreeImage.

References

https://github.com/Ruanxingzhi/vul-report/tree/master/fre...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2024
Vulnerability Reserved
Mar 8, 2024

JSON