CVE-2016-5684

Priority
Description
An exploitable out-of-bounds write vulnerability exists in the XMP image
handling functionality of the FreeImage library. A specially crafted XMP
file can cause an arbitrary memory overwrite resulting in code execution.
An attacker can provide a malicious image to trigger this vulnerability.
Notes
Package
Upstream:released (3.17.0+ds1-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.15.4-3ubuntu0.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.17.0+ds1-2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (3.17.0+ds1-3)
More Information

Updated: 2020-07-28 19:57:57 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)