GCVE-VVD-MAGEIA-2017-397

Advisory Published

Vulnetix · Advisory published November 2, 2017

An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability (CVE-2017-2887).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	sdl2_image	0 (affected), 2.0.0-4.1.mga5 (unaffected)	—
Mageia	sdl2_image	0 (affected), 2.0.1-1.1.mga6 (unaffected)	—
Mageia	mingw-SDL2_image	0 (affected), 2.0.1-2.1.mga6 (unaffected)	—

Aliases

CVE-2017-2887

Transitive aliases

GHSA-hqjw-c32v-frhh VVD-MAGEIA-2018-170 EUVD-2017-12028

References

Updated sdl2_image & mingw packages fix security vulnerability

advisory

Updated sdl2_image & mingw packages fix security vulnerability

issue

Updated sdl2_image & mingw packages fix security vulnerability

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON