VDB

MAGEIA-2017-397

MAGEIA-2017-397 PUBLISHED

An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability (CVE-2017-2887).

Affected Products

VendorProductVersions
Mageiamingw-SDL2_image2.0.1-2.1.mga6, 0
Mageiasdl2_image2.0.0-4.1.mga5, 0
Mageiasdl2_image2.0.1-1.1.mga6, 0

Timeline

  • Nov 2, 2017 CVE Updated
  • Nov 2, 2017 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›