VDB

GCVE-VVD-MAGEIA-2017-397

GCVE-VVD-MAGEIA-2017-397
Advisory Published
Vulnetix · Advisory published November 2, 2017
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability (CVE-2017-2887).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiasdl2_image0 (affected), 2.0.0-4.1.mga5 (unaffected)
Mageiasdl2_image0 (affected), 2.0.1-1.1.mga6 (unaffected)
Mageiamingw-SDL2_image0 (affected), 2.0.1-2.1.mga6 (unaffected)

Aliases

CVE-2017-2887

Transitive aliases

GHSA-hqjw-c32v-frhhVVD-MAGEIA-2018-170EUVD-2017-12028

References

Updated sdl2_image & mingw packages fix security vulnerability
advisory
Updated sdl2_image & mingw packages fix security vulnerability
issue
Updated sdl2_image & mingw packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›