CVE-2017-18215

Published: Mar 5, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.

Affected (2)

Products: Xv Project: Xv · Opensuse: Leap

Xv Project

1 product

Opensuse

1 product

Leap

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Xv Project Xv	Version 3.10a

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 42.3

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (6)

https://bugzilla.suse.com/attachment.cgi?id=728337

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1043479

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://lists.opensuse.org/opensuse-updates/2018-02/msg00088.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://bugzilla.suse.com/attachment.cgi?id=728337

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1043479

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://lists.opensuse.org/opensuse-updates/2018-02/msg00088.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

Timeline

No history available yet.