21 matches found
EUVD-2019-14666
Malware in sbrugna...
EUVD-2019-14664
Malware in sbrugna...
CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...
Design/Logic Flaw
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
CVE-2019-5058
CVE-2019-5058 affects SDL2_image 2.0.4, where the XCF image rendering functionality can trigger a heap overflow via a crafted XCF image, potentially enabling code execution. Public documents in OSS advisories (MGASA-2019-0363/0364 and OSV entries) link this CVE to SDL2_image and describe the vuln...
SDL_image PCX Image Code execution Vulnerability
Summary An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
SDL_image XCF Image Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
CVE-2019-12220
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an out-of-bounds read in the SDL function SDLFreePaletteREAL at video/SDLpixels.c...
CVE-2019-5052
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...
Integer overflow
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...
CVE-2019-5052
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...
CVE-2019-5052
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...
CVE-2019-12221
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in the SDL function SDLfreeREAL at stdlib/SDLmalloc.c...
CVE-2019-12217
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...
CVE-2019-12219
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...
Heap overflow
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a heap-based buffer overflow in the SDL2image function IMGLoadPCXRW at IMGpcx.c...
Design/Logic Flaw
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...
Design/Logic Flaw
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in the SDL function SDLfreeREAL at stdlib/SDLmalloc.c...
CVE-2019-12221
The CVE-2019-12221 entry corresponds to a NULL/SEGV issue in SDL_free_REAL inside SDL with SDL2_image 2.0.4 (SDL 2.0.9) when used together, as described in the initial document. Connected documents confirm this vulnerability is addressed by SDL2_image updates to 2.0.5 (and corresponding SDL relea...
CVE-2019-12217
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL stdioread function in file/SDLrwops.c...