Candidate: CVE-2015-0852
PublicDate: 2015-09-29 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0852
 https://marc.info/?l=oss-security&m=144073280200732&w=2
 http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
 http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
Description:
 Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and
 earlier allow remote attackers to cause a denial of service (heap memory
 corruption) via vectors related to the height and width of a window.
Ubuntu-Description:
 It was discovered that FreeImage incorrectly handled certain PCX files. An
 attacker could possibly use this issue to cause a denial of service.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797165
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_freeimage:
upstream_freeimage: released (3.15.4-4.2)
precise_freeimage: ignored (reached end-of-life)
precise/esm_freeimage: DNE (precise was needed)
trusty_freeimage: ignored (out of standard support)
trusty/esm_freeimage: needed
vivid_freeimage: ignored (reached end-of-life)
vivid/stable-phone-overlay_freeimage: DNE
vivid/ubuntu-core_freeimage: DNE
wily_freeimage: ignored (reached end-of-life)
xenial_freeimage: not-affected (3.15.4-4.2)
yakkety_freeimage: ignored (reached end-of-life)
zesty_freeimage: ignored (reached end-of-life)
artful_freeimage: ignored (reached end-of-life)
bionic_freeimage: not-affected (3.15.4-4.2)
cosmic_freeimage: not-affected (3.15.4-4.2)
disco_freeimage: not-affected (3.15.4-4.2)
eoan_freeimage: not-affected (3.15.4-4.2)
focal_freeimage: not-affected (3.15.4-4.2)
groovy_freeimage: not-affected (3.15.4-4.2)
hirsute_freeimage: not-affected (3.15.4-4.2)
impish_freeimage: not-affected (3.15.4-4.2)
jammy_freeimage: not-affected (3.15.4-4.2)
devel_freeimage: not-affected (3.15.4-4.2)