An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
sdl2_image | eq | 2.0.2-r0 | |
sdl2_image | eq | 2.0.1-r1 | |
sdl2_image | eq | 2.0.1-r2 | |
sdl2_image | eq | 2.0.1-r3 | |
sdl2_image | eq | 2.0.2-r3 | |
sdl2_image | eq | 2.0.1-r0 |