CVE-2024-25447
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Feb 9, 2024
Updated: Feb 15, 2024
CWE ID 787
Summary
CVE-2024-25447 is a newly disclosed vulnerability affecting imlib2 version 1.9.1. The issue lies in the imlib_load_image_with_error_return function, which can be exploited by attackers to induce a heap buffer overflow. This vulnerability is triggered through parsing a specially crafted image file. Successful exploitation could lead to arbitrary code execution or denial of service, posing a significant threat to systems using the affected software. It is recommended that users upgrade to a patched version of imlib2 to mitigate this risk.
Affected Vendors
- Enlightenment