CVE-2017-18215

xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
xv_projectxv
3.10a:a
opensuseleap
42.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bugzilla.suse.com/attachment.cgi?id=728337
https://bugzilla.suse.com/show_bug.cgi?id=1043479
https://lists.opensuse.org/opensuse-updates/2018-02/msg00088.html
https://bugzilla.suse.com/attachment.cgi?id=728337
https://bugzilla.suse.com/show_bug.cgi?id=1043479
https://lists.opensuse.org/opensuse-updates/2018-02/msg00088.html