Details of VAR-201509-0477

ID

VAR-201509-0477

CVE

CVE-2015-0852

TITLE

FreeImage of PluginPCX.cpp Vulnerable to integer underflow

Trust: 0.8

sources: JVNDB: JVNDB-2015-005003

DESCRIPTION

Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. A security vulnerability exists in versions prior to Advantech WebAccess 8.1 that could be exploited by remote attackers to bypass target management requirements and gain access to files or folders. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-68 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: FreeImage: Multiple vulnerabilities Date: January 29, 2017 Bugs: #559006, #596350 ID: 201701-68 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in FreeImage, the worst of which may allow execution of arbitrary code Background ========== FreeImage is an Open Source library project for developers who would like to support popular graphics image formats like PNG, BMP, JPEG, TIFF and others as needed by today's multimedia applications. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/freeimage < 3.15.4-r1 >= 3.15.4-r1 Description =========== Multiple vulnerabilities have been discovered in in FreeImage. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker, by enticing a user to process a specially crafted image file, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All FreeImage users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freeimage-3.15.4-r1"= References ========== [ 1 ] CVE-2015-0852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0852 [ 2 ] CVE-2016-5684 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5684 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-68 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --khJbrB6DMl2G6hkl20s9gHxAo7WDBktBO-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3392-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond November 04, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : freeimage CVE ID : CVE-2015-0852 Debian Bug : 797165 Pengsu Cheng discovered that FreeImage, a library for graphic image formats, contained multiple integer underflows that could lead to a denial of service: remote attackers were able to trigger a crash by supplying a specially crafted image. For the oldstable distribution (wheezy), this problem has been fixed in version 3.15.1-1.1. For the stable distribution (jessie), this problem has been fixed in version 3.15.4-4.2. For the testing distribution (stretch) and unstable distribution (sid), this problem has been fixed in version 3.15.4-6. We recommend that you upgrade your freeimage packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCgAGBQJWOc9cAAoJEBC+iYPz1Z1kC/UH/AhAe5MJ9NSS9wT95K5qhe/Z m4FKLdGDzGqWY82DhWyNYVTTeKit44rR70HnMQ4Ekj/s0SmOyXDAwhE5FR0lLnhW MM5U4Ub3Zhms3uQdayo8tKmlW3eS7lS5w6rpXk0406TVfSy23XUf8C9rjcIVruYS IBa1ROapH2pfo/LwFVwS3fm+ZzQ6M105WV1/TJEXG4sRCLKku470WPr8sDFGgWdZ 7UcdA1q8WbhGaELHI1Z7P86ycuz3hUTO9CzeYgUlcNBCOH27Uo4NiDQ5rOSHIY8N qWLiE8eIlBqn+9Nyr+JcQ1t/mvAI1aAZAfL0w3MUNQ+IPTG6Cx3mbrKTUw5jaLA= =klen -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2015-0852 // JVNDB: JVNDB-2015-005003 // CNVD: CNVD-2016-00430 // VULMON: CVE-2015-0852 // PACKETSTORM: 140773 // PACKETSTORM: 134214

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-00430

AFFECTED PRODUCTS

vendor:	freeimage	model:	freeimage	scope:	lte	version:	3.17.0	Trust: 1.0
vendor:	the freeimage	model:	freeimage	scope:	lte	version:	3.17.0	Trust: 0.8
vendor:	advantech	model:	webaccess	scope:	lt	version:	8.1	Trust: 0.6
vendor:	freeimage	model:	freeimage	scope:	eq	version:	3.17.0	Trust: 0.6

sources: CNVD: CNVD-2016-00430 // JVNDB: JVNDB-2015-005003 // CNNVD: CNNVD-201509-588 // NVD: CVE-2015-0852

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0852
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-0852
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-00430
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201509-588
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2015-0852
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-0852
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-00430
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-00430 // VULMON: CVE-2015-0852 // JVNDB: JVNDB-2015-005003 // CNNVD: CNNVD-201509-588 // NVD: CVE-2015-0852

PROBLEMTYPE DATA

problemtype:

CWE-189

Trust: 1.8

sources: JVNDB: JVNDB-2015-005003 // NVD: CVE-2015-0852

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-588

TYPE

digital error

Trust: 0.6

sources: CNNVD: CNNVD-201509-588

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005003

PATCH

title:	797165	url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797165	Trust: 0.8
title:	FEDORA-2015-16106	url:	https://lists.fedoraproject.org/pipermail/package-announce/2015-September/167766.html	Trust: 0.8
title:	Top Page	url:	http://freeimage.sourceforge.net/	Trust: 0.8
title:	Advantech WebAccess security restrictions bypass the patch for the vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/70375	Trust: 0.6
title:	Debian CVElist Bug Report Logs: CVE-2015-0852: integer overflow in PluginPCX.cpp	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=52aa225fa9ef427fbf5d092e1fe9b6ed	Trust: 0.1
title:	Debian Security Advisories: DSA-3392-1 freeimage -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=94e9b5a5aec8b21eb715ae1aa90f7b2a	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - January 2019	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=f655264a6935505d167bbf45f409a57b	Trust: 0.1
title:	nixos-issue-db-example	url:	https://github.com/andir/nixos-issue-db-example	Trust: 0.1

sources: CNVD: CNVD-2016-00430 // VULMON: CVE-2015-0852 // JVNDB: JVNDB-2015-005003

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0852	Trust: 3.3
db:	OPENWALL	id:	OSS-SECURITY/2015/08/28/1	Trust: 2.5
db:	SECTRACK	id:	1034077	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-005003	Trust: 0.8
db:	CNVD	id:	CNVD-2016-00430	Trust: 0.6
db:	CNNVD	id:	CNNVD-201509-588	Trust: 0.6
db:	VULMON	id:	CVE-2015-0852	Trust: 0.1
db:	PACKETSTORM	id:	140773	Trust: 0.1
db:	PACKETSTORM	id:	134214	Trust: 0.1

sources: CNVD: CNVD-2016-00430 // VULMON: CVE-2015-0852 // JVNDB: JVNDB-2015-005003 // PACKETSTORM: 140773 // PACKETSTORM: 134214 // CNNVD: CNNVD-201509-588 // NVD: CVE-2015-0852

REFERENCES

url:	http://www.openwall.com/lists/oss-security/2015/08/28/1	Trust: 2.5
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797165	Trust: 1.8
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-september/167766.html	Trust: 1.7
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0852	Trust: 1.4
url:	https://security.gentoo.org/glsa/201701-68	Trust: 1.2
url:	http://www.debian.org/security/2015/dsa-3392	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-november/172491.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-november/172583.html	Trust: 1.1
url:	http://www.securitytracker.com/id/1034077	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-october/168000.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-october/168023.html	Trust: 1.1
url:	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0852	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0852	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/189.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.debian.org/security/./dsa-3392	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5684	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5684	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0852	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1

CREDITS

Gentoo

Trust: 0.1

sources: PACKETSTORM: 140773

SOURCES

db:	CNVD	id:	CNVD-2016-00430
db:	VULMON	id:	CVE-2015-0852
db:	JVNDB	id:	JVNDB-2015-005003
db:	PACKETSTORM	id:	140773
db:	PACKETSTORM	id:	134214
db:	CNNVD	id:	CNNVD-201509-588
db:	NVD	id:	CVE-2015-0852

LAST UPDATE DATE

2024-08-14T13:33:09.328000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-00430	date:	2016-01-25T00:00:00
db:	VULMON	id:	CVE-2015-0852	date:	2019-01-16T00:00:00
db:	JVNDB	id:	JVNDB-2015-005003	date:	2015-10-01T00:00:00
db:	CNNVD	id:	CNNVD-201509-588	date:	2015-10-08T00:00:00
db:	NVD	id:	CVE-2015-0852	date:	2019-01-16T19:29:06.843

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-00430	date:	2016-01-25T00:00:00
db:	VULMON	id:	CVE-2015-0852	date:	2015-09-29T00:00:00
db:	JVNDB	id:	JVNDB-2015-005003	date:	2015-10-01T00:00:00
db:	PACKETSTORM	id:	140773	date:	2017-01-30T16:57:07
db:	PACKETSTORM	id:	134214	date:	2015-11-04T16:41:38
db:	CNNVD	id:	CNNVD-201509-588	date:	2015-09-29T00:00:00
db:	NVD	id:	CVE-2015-0852	date:	2015-09-29T18:59:00.147