CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-14450 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2017-14450
23 Apr 2018 — A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la funcionalidad de renderización de imágenes GIF de SDL2_image-2.0.2. Una imagen GIF especialmente manipulada puede desembocar en un desbordamiento de búfer en una sección global. • https://lists.debian.org/debian-lts-announce/2018/04/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-3837 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2018-3837
10 Apr 2018 — An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability. Existe una vulnerabilidad explotable de divulgación de información en la funcionalidad de renderización de imágenes PCX de Simple DirectMedia Layer SDL2_image-2.0.2. Una im... • https://security.gentoo.org/glsa/201903-17 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-3838 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2018-3838
10 Apr 2018 — An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability. Existe una vulnerabilidad explotable de divulgación de información en la funcionalidad de renderización de imágenes XCF de Simple DirectMedia Layer SDL2_image-2.0.2. Una imagen XCF esp... • https://security.gentoo.org/glsa/201903-17 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 1CVE-2018-3839 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2018-3839
10 Apr 2018 — An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad de renderización de imágenes XCF de Simple DirectMedia Layer SDL2_image-2.0.2. Una imagen XCF especialmente ... • https://security.gentoo.org/glsa/201903-17 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 0CVE-2017-2887 – Debian Security Advisory 4184-1
https://notcve.org/view.php?id=CVE-2017-2887
11 Oct 2017 — An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability. Existe una vulnerabilidad explotable de desbordamiento de búfer en la funcionalidad de manejo de propiedades XCF de SDL_image 2.0.1. Un archivo xcf especialmente manipulado podría provocar un desbordamient... • http://www.securityfocus.com/bid/101215 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 5EXPL: 1CVE-2017-2888 – Ubuntu Security Notice USN-4143-1
https://notcve.org/view.php?id=CVE-2017-2888
11 Oct 2017 — An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability. Existe una vulnerabilidad explotable de desbordamiento de enteros cuando se crea una nueva superficie RGB en SDL 2.0.5. Un archivo especialmente manipulado pue... • http://www.securityfocus.com/bid/101215 • CWE-190: Integer Overflow or Wraparound •