Libsdl Sdl Image vulnerabilities

CVE-2018-3977 [HIGH] CWE-787 CVE-2018-3977: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-12122 [HIGH] CWE-787 CVE-2017-12122: An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2 An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-14441 [HIGH] CWE-190 CVE-2017-14441: An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-14450 [HIGH] CWE-119 CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

CVE-2017-14442 [HIGH] CWE-119 CVE-2017-14442: An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-14440 [HIGH] CWE-787 CVE-2017-14440: An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2 An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-14449 [HIGH] CWE-415 CVE-2017-14449: A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A s A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-14448 [HIGH] CWE-787 CVE-2017-14448: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_ An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2018-3839 [HIGH] CWE-787 CVE-2018-3839: An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simpl An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2018-3838 [MEDIUM] CWE-125 CVE-2018-3838: An exploitable information vulnerability exists in the XCF image rendering functionality of Simple D An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2018-3837 [MEDIUM] CWE-125 CVE-2018-3837: An exploitable information disclosure vulnerability exists in the PCX image rendering functionality An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-2887 [HIGH] CWE-787 CVE-2017-2887: An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SD An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability.