CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-2887

HIGH
8.8
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile22.04th
Published2017年10月11日
Last Modified2026年5月13日

Vulnerability Description

An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability.

Affected Platforms (CPE)

📦
Libsdl

Sdl Image

= 2.0.1
💻
Debian

Debian Linux

= 8.0
💻
Debian

Debian Linux

= 9.0

References & Advisories

🔗 http://www.securityfocus.com/bid/101215
🔗 https://www.debian.org/security/2018/dsa-4177
🔗 https://www.debian.org/security/2018/dsa-4184
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394
🔗 http://www.securityfocus.com/bid/101215
🔗 https://www.debian.org/security/2018/dsa-4177
🔗 https://www.debian.org/security/2018/dsa-4184
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394

相關漏洞威脅

CVE-2008-054410.0

Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause ...

CVE-2019-149069.8

A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affec...

CVE-2017-28888.8

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can ca...

CVE-2019-122198.8

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2...