Libsdl Sdl2 Image vulnerabilities

CVE-2019-5058 [HIGH] CWE-122 CVE-2019-5058: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2019-5057 [HIGH] CWE-122 CVE-2019-5057: An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2019-5059 [HIGH] CWE-190 CVE-2019-5059: An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a speciall

CVE-2019-5060 [HIGH] CWE-190 CVE-2019-5060: An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker

CVE-2019-5051 [HIGH] CWE-390 CVE-2019-5051: An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

CVE-2019-5052 [HIGH] CWE-190 CVE-2019-5052: An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

CVE-2019-12219 [HIGH] CWE-415 CVE-2019-12219: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.

CVE-2019-12220 [MEDIUM] CWE-125 CVE-2019-12220: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.

CVE-2019-12218 [MEDIUM] CWE-476 CVE-2019-12218: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.

CVE-2019-12221 [MEDIUM] CWE-787 CVE-2019-12221: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.

CVE-2019-12217 [MEDIUM] CWE-476 CVE-2019-12217: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.

CVE-2019-12216 [MEDIUM] CWE-787 CVE-2019-12216: An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunctio An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.