CVE-2017-14442

An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libsdl:sdl_image:2.0.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-04-24 19:29

Updated : 2024-02-04 19:46


NVD link : CVE-2017-14442

Mitre link : CVE-2017-14442

CVE.ORG link : CVE-2017-14442


JSON object : View

Products Affected

debian

  • debian_linux

libsdl

  • sdl_image
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer