Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-14448

Опубликовано: 24 апр. 2018
Источник: nvd
CVSS3: 8.8
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:libsdl:sdl_image:2.0.2:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.01672
Низкий

8.8 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2017-14448

CVSS3: 8.8
ubuntu
почти 8 лет назад

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

debian логотип

CVE-2017-14448

CVSS3: 8.8
debian
почти 8 лет назад

An exploitable code execution vulnerability exists in the XCF image re ...

github логотип

GHSA-rrp4-84hf-vc2p

CVSS3: 8.8
github
больше 3 лет назад

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

suse-cvrf логотип

SUSE-SU-2018:3657-1

suse-cvrf
около 7 лет назад

Security update for SDL_image

suse-cvrf логотип

openSUSE-SU-2018:0734-1

suse-cvrf
почти 8 лет назад

Security update for SDL2, SDL2_image

EPSS

Процентиль: 82%
0.01672
Низкий

8.8 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787