CVE-2017-2888 -- libsdl2-devID: oval:org.secpod.oval:def:1900326 | Date: (C)2019-02-27 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
An exploitable integer overflow vulnerability exists when creating a newRGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow result ing in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
Platform: |
Ubuntu 16.04 |
Ubuntu 14.04 |