Lucene search

PRIOn knowledge basePRION:CVE-2019-5057

HistoryJul 31, 2019 - 5:15 p.m.

Design/Logic Flaw

2019-07-3117:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.6%

JSON

An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CPENameOperatorVersion
sdl2_imageeq2.0.4
backports_sleeq15.0 sp1
backports_sleeq15.0
leapeq15.0
leapeq15.1

Name	Operator	Version
sdl2_image	eq	2.0.4
backports_sle	eq	15.0 sp1
backports_sle	eq	15.0
leap	eq	15.0
leap	eq	15.1

References

lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html

talosintelligence.com/vulnerability_reports/TALOS-2019-0841