CVE-2017-11464 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 35%

Affected Products (NVD)

Vendor	Product	Version
gnome	librsvg	2.40.17

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

librsvg

bookworm	2.54.7+dfsg-1~deb12u1 fixed
bookworm (security)	2.54.7+dfsg-1~deb12u1 fixed
bullseye	2.50.3+dfsg-1+deb11u1 fixed
bullseye (security)	2.50.3+dfsg-1+deb11u1 fixed
jessie	not-affected
sid	2.59.1+dfsg-1 fixed
trixie	2.59.1+dfsg-1 fixed
wheezy	not-affected

Ubuntu Releases

Ubuntu Product

Codename

librsvg

artful	not-affected
bionic	not-affected
cosmic	not-affected
disco	not-affected
eoan	not-affected
focal	not-affected
trusty	dne
xenial	Fixed 2.40.13-3ubuntu0.1 released
yakkety	ignored
zesty	ignored

openSUSE / SLES Releases

openSUSE Product

Release

gdk-pixbuf-loader-rsvg

suse enterprise desktop 15	2.42.3-1.49 fixed
suse enterprise desktop 15 SP1	2.42.3-1.49 fixed
suse enterprise desktop 15 SP2	2.46.4-1.31 fixed
suse enterprise desktop 15 SP3	2.46.5-3.3.1 fixed
suse enterprise desktop 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise desktop 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise desktop 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise desktop 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise sap 12 SP2	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP3	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP5	2.40.20-5.6.1 fixed
suse enterprise sap 15	2.42.3-1.49 fixed
suse enterprise sap 15 SP1	2.42.3-1.49 fixed
suse enterprise sap 15 SP2	2.46.4-1.31 fixed
suse enterprise sap 15 SP3	2.46.5-3.3.1 fixed
suse enterprise sap 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise sap 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise sap 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise sap 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise server 12 SP2	2.40.18-5.3.1 fixed
suse enterprise server 12 SP3	2.40.18-5.3.1 fixed
suse enterprise server 12 SP4	2.40.20-5.6.1 fixed
suse enterprise server 12 SP5	2.40.20-5.6.1 fixed
suse enterprise server 15	2.42.3-1.49 fixed
suse enterprise server 15 SP1	2.42.3-1.49 fixed
suse enterprise server 15 SP2	2.46.4-1.31 fixed
suse enterprise server 15 SP3	2.46.5-3.3.1 fixed
suse enterprise server 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise server 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise server 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise server 15 SP7	2.57.1-150600.1.7 fixed

librsvg-2-2

suse enterprise desktop 15	2.42.3-1.49 fixed
suse enterprise desktop 15 SP1	2.42.3-1.49 fixed
suse enterprise desktop 15 SP2	2.46.4-1.31 fixed
suse enterprise desktop 15 SP3	2.46.5-3.3.1 fixed
suse enterprise desktop 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise desktop 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise desktop 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise desktop 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise sap 12 SP2	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP3	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP5	2.40.20-5.6.1 fixed
suse enterprise sap 15	2.42.3-1.49 fixed
suse enterprise sap 15 SP1	2.42.3-1.49 fixed
suse enterprise sap 15 SP2	2.46.4-1.31 fixed
suse enterprise sap 15 SP3	2.46.5-3.3.1 fixed
suse enterprise sap 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise sap 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise sap 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise sap 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise server 12 SP2	2.40.18-5.3.1 fixed
suse enterprise server 12 SP3	2.40.18-5.3.1 fixed
suse enterprise server 12 SP4	2.40.20-5.6.1 fixed
suse enterprise server 12 SP5	2.40.20-5.6.1 fixed
suse enterprise server 15	2.42.3-1.49 fixed
suse enterprise server 15 SP1	2.42.3-1.49 fixed
suse enterprise server 15 SP2	2.46.4-1.31 fixed
suse enterprise server 15 SP3	2.46.5-3.3.1 fixed
suse enterprise server 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise server 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise server 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise server 15 SP7	2.57.1-150600.1.7 fixed

librsvg-2-2-32bit

suse enterprise sap 12 SP2	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP3	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP5	2.40.20-5.6.1 fixed
suse enterprise server 12 SP2	2.40.18-5.3.1 fixed
suse enterprise server 12 SP3	2.40.18-5.3.1 fixed
suse enterprise server 12 SP4	2.40.20-5.6.1 fixed
suse enterprise server 12 SP5	2.40.20-5.6.1 fixed

librsvg-devel

suse enterprise desktop 15	2.42.3-1.49 fixed
suse enterprise desktop 15 SP1	2.42.3-1.49 fixed
suse enterprise desktop 15 SP2	2.46.4-1.31 fixed
suse enterprise desktop 15 SP3	2.46.5-3.3.1 fixed
suse enterprise desktop 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise desktop 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise desktop 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise desktop 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise sap 15	2.42.3-1.49 fixed
suse enterprise sap 15 SP1	2.42.3-1.49 fixed
suse enterprise sap 15 SP2	2.46.4-1.31 fixed
suse enterprise sap 15 SP3	2.46.5-3.3.1 fixed
suse enterprise sap 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise sap 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise sap 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise sap 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise server 15	2.42.3-1.49 fixed
suse enterprise server 15 SP1	2.42.3-1.49 fixed
suse enterprise server 15 SP2	2.46.4-1.31 fixed
suse enterprise server 15 SP3	2.46.5-3.3.1 fixed
suse enterprise server 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise server 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise server 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise server 15 SP7	2.57.1-150600.1.7 fixed

rsvg-view

suse enterprise sap 12 SP2	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP3	2.40.18-5.3.1 fixed
suse enterprise sap 12 SP5	2.40.20-5.6.1 fixed
suse enterprise server 12 SP2	2.40.18-5.3.1 fixed
suse enterprise server 12 SP3	2.40.18-5.3.1 fixed
suse enterprise server 12 SP4	2.40.20-5.6.1 fixed
suse enterprise server 12 SP5	2.40.20-5.6.1 fixed

typelib-1_0-Rsvg-2_0

suse enterprise desktop 15	2.42.3-1.49 fixed
suse enterprise desktop 15 SP1	2.42.3-1.49 fixed
suse enterprise desktop 15 SP2	2.46.4-1.31 fixed
suse enterprise desktop 15 SP3	2.46.5-3.3.1 fixed
suse enterprise desktop 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise desktop 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise desktop 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise desktop 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise sap 15	2.42.3-1.49 fixed
suse enterprise sap 15 SP1	2.42.3-1.49 fixed
suse enterprise sap 15 SP2	2.46.4-1.31 fixed
suse enterprise sap 15 SP3	2.46.5-3.3.1 fixed
suse enterprise sap 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise sap 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise sap 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise sap 15 SP7	2.57.1-150600.1.7 fixed
suse enterprise server 15	2.42.3-1.49 fixed
suse enterprise server 15 SP1	2.42.3-1.49 fixed
suse enterprise server 15 SP2	2.46.4-1.31 fixed
suse enterprise server 15 SP3	2.46.5-3.3.1 fixed
suse enterprise server 15 SP4	2.52.6-150400.1.7 fixed
suse enterprise server 15 SP5	2.52.9-150400.3.3.1 fixed
suse enterprise server 15 SP6	2.57.1-150600.1.7 fixed
suse enterprise server 15 SP7	2.57.1-150600.1.7 fixed

Common Weakness Enumeration

CWE-369 - Divide By Zero
The product divides a value by zero.

References

http://www.securityfocus.com/bid/99956

https://bugzilla.gnome.org/show_bug.cgi?id=783835

https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a

https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a