Vulnetix
Try Vulnetix Request Demo
GCVE-VVD-MAGEIA-2019-3
Advisory Published
Vulnetix · Advisory published January 11, 2019
A flaw was found in libgxps through 0.3.0. There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c. A crafted input will lead to a remote denial of service attack (CVE-2018-10733). An integer overflow flaw exists within the "gxps_images_create_from_png()" function in libgxps/gxps-images.c. An attacker can exploit this flaw to cause a heap-based buffer overflow by tricking a user into opening a specially crafted XPS document in an application using libgxps (rhbz#1524378).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibgxps0 (affected), 0.2.5-1.2.mga6 (unaffected), 0 (affected), 0.2.5-1.2.mga6 (unaffected)
Mageiaflash-player-plugin0 (affected), 32.0.0.114-1.mga6.nonfree (unaffected)

Aliases

CVE-2018-10733

Transitive aliases

EUVD-2018-2803GHSA-8r7v-mcwp-4qfm

References

Updated libgxps packages fix security vulnerabilities
advisory
Updated libgxps packages fix security vulnerabilities
issue
Updated libgxps packages fix security vulnerabilities
issue
Updated libgxps packages fix security vulnerabilities
issue
Updated flash-player-plugin package fixes bugs
advisory
Updated flash-player-plugin package fixes bugs
issue
Updated flash-player-plugin package fixes bugs
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON