ID CVE-2017-2888
Summary An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
bid 101215
misc https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395
Last major update 11-10-2017 - 14:29
Published 11-10-2017 - 14:29
Last modified 12-10-2017 - 21:29
Back to Top