CVE-2016-5684 (retired)

An exploitable out-of-bounds write vulnerability exists in the XMP image
handling functionality of the FreeImage library. A specially crafted XMP
file can cause an arbitrary memory overwrite resulting in code execution.
An attacker can provide a malicious image to trigger this vulnerability.
Upstream:released (3.17.0+ds1-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.15.4-3ubuntu0.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.17.0+ds1-2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (3.17.0+ds1-3)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (3.17.0+ds1-3)
Ubuntu 19.04 (Disco Dingo):not-affected (3.17.0+ds1-3)
More Information

Updated: 2019-03-29 12:14:47 UTC (commit 66b8404dcc75ecb1c50aa848d7be8fd1c597183b)