Vulnerabilities > Enlightenment > Imlib2 > 1.4.8

DATE CVE VULNERABILITY TITLE RISK
2016-05-13 CVE-2016-4024 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
network
low complexity
enlightenment debian opensuse CWE-119
critical
9.8
2016-05-13 CVE-2016-3994 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
network
low complexity
debian enlightenment CWE-119
8.2
2016-05-13 CVE-2016-3993 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
network
low complexity
enlightenment debian CWE-119
7.5
2016-05-13 CVE-2011-5326 Numeric Errors vulnerability in multiple products
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
network
low complexity
debian enlightenment CWE-189
7.5