Lucene search

MitreCVE-2019-12218

HistoryMay 20, 2019 - 5:29 p.m.

CVE-2019-12218

2019-05-2017:29:17

CWE-476

mitre

web.nvd.nist.gov

148

cve-2019-12218

nvd

libsdl2

sdl

libsdl2_image

security issue

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.

Affected configurations

Nvd

Node

libsdlsdl2_imageMatch2.0.4

AND

libsdlsimple_directmedia_layerMatch2.0.9

VendorProductVersionCPE
libsdlsdl2_image2.0.4cpe:2.3:a:libsdl:sdl2_image:2.0.4:*:*:*:*:*:*:*
libsdlsimple_directmedia_layer2.0.9cpe:2.3:a:libsdl:simple_directmedia_layer:2.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
libsdl	sdl2_image	2.0.4	cpe:2.3:a:libsdl:sdl2_image:2.0.4:::::::*
libsdl	simple_directmedia_layer	2.0.9	cpe:2.3:a:libsdl:simple_directmedia_layer:2.0.9:::::::*