CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1CVE-2019-7575 – SDL: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7575
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene un desbordamiento de búfer basado en memoria dinámica (heap) en MS_ADPCM_decode en audio/SDL_wave.c. USN-4156-1 fixed several vulnerabilities in SDL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that SDL incorrec... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2019-7576 – SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7576
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en InitMS_ADPCM en audio/SDL_wave.c (fuera del bucle wNumCoef). Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 13EXPL: 1CVE-2019-7577 – SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7577
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer en SDL_LoadWAV_RW en audio/SDL_wave.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffer over-read and buffer overflow vulnerabilities... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 3%CPEs: 11EXPL: 1CVE-2019-7578 – SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7578
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en InitIMA_ADPCM en audio/SDL_wave.c. Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffer ov... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •