CVE-2017-2888 -- libsdl1.2ID: oval:org.secpod.oval:def:2001365 | Date: (C)2019-06-03 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
Platform: |
Debian 8.x |
Debian 9.x |