232 matches found
Design/Logic Flaw
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
Integer overflow
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
CVE-2019-5059
CVE-2019-5059 describes an exploitable code execution in SDL2_image 2.0.4 via XPM image rendering caused by an integer overflow that allocates too small a heap buffer and allows out-of-bounds writes. Connected advisories (Mageia/OpenSUSE OSV) document that SDL2_image 2.0.4 is the affected version...
CVE-2019-5058
CVE-2019-5058 affects SDL2_image 2.0.4, where the XCF image rendering functionality can trigger a heap overflow via a crafted XCF image, potentially enabling code execution. Public documents in OSS advisories (MGASA-2019-0363/0364 and OSV entries) link this CVE to SDL2_image and describe the vuln...
CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
SDL_image XCF Image Code Execution Vulnerability
Summary: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
Arbitrary Code Execution
Mozilla Firefox is vulnerable to arbitrary code execution. Two flaws were found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the use...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Memory Corruption
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
openSUSE Security Update : SDL2_image (openSUSE-2019-933)
This update for SDL2_image fixes the following issues: Security issues fixed: - CVE-2018-3839: Fixed an exploitable code execution vulnerability that existed in the XCF image rendering functionality of the Simple DirectMedia Layer (bsc#1089087). - CVE-2018-3977: Fixed a possible code execution via...
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows
I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...
OPENSUSE-SU-2018:3906-1 Security update for SDL2_image
This update for SDL2_image fixes the following issues: Security issues fixed: - CVE-2018-3839: Fixed an exploitable code execution vulnerability that existed in the XCF image rendering functionality of the Simple DirectMedia Layer (bsc#1089087). - CVE-2018-3977: Fixed a possible code execution via...
MGASA-2018-0454 Updated sdl2/mingw-SDL2 packages fix security vulnerabilities
This update fixes various security vulnerabilities affecting the SDL2_image library, listed below. The fixes are provided in SDL2_image 2.0.4, which depends on SDL2 2.0.8 or later. As such, the SDL2 and SDL2_mixer libraries are also updated to their current stable releases, providing various bug fix...
CVE-2018-3977
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
CVE-2018-3977
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
UBUNTU-CVE-2018-3977
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
CVE-2018-3977
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
PT-2018-16353 · Sdl +3 · Sdl2 Image +3
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.3 Description: A code execution issue exists in the XCF image rendering functionality. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted...