CVE-2019-5059 -- libsdl2-imageID: oval:org.secpod.oval:def:1902838 | Date: (C)2019-10-16 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Platform: |
Ubuntu 16.04 |
Ubuntu 19.04 |
Ubuntu 18.04 |
Product: |
libsdl2-image-2.0-0 |