Описание
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
A flaw was found in Krita. This vulnerability allows a heap-based buffer overflow via loading a manipulated TGA (Truevision Graphics Adapter) file.
Отчет
A heap-based buffer overflow in Krita, triggered by loading a manipulated TGA file, could lead to arbitrary code execution or application instability. This issue primarily affects the integrity and availability of the Krita application when processing untrusted input.
Дополнительная информация
Статус:
6.7 Medium
CVSS3
Связанные уязвимости
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
In KDE Krita before 5.2.13, loading a manipulated TGA file could resul ...
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
6.7 Medium
CVSS3