Integer Overflow Vulnerability in imlib2 1.6.0's loader_ico.c

CVE-2020-12761 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

Learn more about our Web Application Penetration Testing UK.