Oval Definition:oval:com.ubuntu.bionic:def:20183977000
Revision Date:2018-11-01Version:1
Title:CVE-2018-3977 on Ubuntu 18.04 LTS (bionic) - medium.
Description:An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-3977
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'libsdl2-image' package in bionic is not affected (note: '2.0.4+dfsg1-2ubuntu2.16.04.1').
  • OR The 'sdl-image1.2' package in bionic is affected and needs fixing.
  • BACK