VDB
MAGEIA-2017-397
MAGEIA-2017-397
PUBLISHED
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability (CVE-2017-2887).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | mingw-SDL2_image | 2.0.1-2.1.mga6, 0 |
| Mageia | sdl2_image | 2.0.0-4.1.mga5, 0 |
| Mageia | sdl2_image | 2.0.1-1.1.mga6, 0 |
Timeline
- Nov 2, 2017 CVE Updated
- Nov 2, 2017 CVE Published