CVE-2019-5052

Опубликовано: 03 июл. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 6.8

CVSS3: 8.8

Описание

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	2.0.5+dfsg1-1
disco	ignored	end of life
eoan	not-affected	2.0.5+dfsg1-1
esm-apps/bionic	needed
esm-apps/focal	not-affected	2.0.5+dfsg1-1
esm-apps/jammy	not-affected	2.0.5+dfsg1-1
esm-apps/noble	not-affected	2.0.5+dfsg1-1
esm-apps/xenial	needed

Показывать по

Релиз	Статус	Примечание
bionic	released	1.2.12-8ubuntu0.1
cosmic	ignored	end of life
devel	not-affected	1.2.12-11
disco	ignored	end of life
eoan	not-affected	1.2.12-11
esm-apps/bionic	released	1.2.12-8ubuntu0.1
esm-apps/focal	not-affected	1.2.12-11
esm-apps/jammy	not-affected	1.2.12-11
esm-apps/noble	not-affected	1.2.12-11
esm-apps/xenial	released	1.2.12-5+deb9u1ubuntu0.16.04.1

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2019-5052

CVSS3: 8.8

nvd

больше 6 лет назад

CVE-2019-5052

CVSS3: 8.8

debian

больше 6 лет назад

An exploitable integer overflow vulnerability exists when loading a PC ...

GHSA-xv8q-8fhp-7r88

CVSS3: 8.8

github

больше 3 лет назад

openSUSE-SU-2019:2071-1

suse-cvrf

больше 6 лет назад

Security update for SDL_image

openSUSE-SU-2019:2070-1

suse-cvrf

больше 6 лет назад

Security update for SDL2_image

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2019-5052

Описание

Пакет libsdl2-image

Пакет sdl-image1.2

Ссылки на источники

Связанные уязвимости