RSS   Podatności dla 'SDL'   RSS

2021-01-19
 
CVE-2020-14410

CWE-125
 

 
SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.

 
 
CVE-2020-14409

CWE-190
 

 
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

 
2017-10-11
 
CVE-2017-2888

CWE-190
 

 
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

 

 >>> Vendor: Libsdl 5 Produkty
Sdl image
SDL
Sdl2 image
Simple directmedia layer
Libsdl


Copyright 2021, cxsecurity.com

 

Back to Top