OVAL Reference oval:com.ubuntu.trusty:def:20172887000

Oval Definition:

oval:com.ubuntu.trusty:def:20172887000

Revision Date:	2017-10-11	Version:	1
Title:	CVE-2017-2887 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this vulnerability.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-2887
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'libsdl2-image' package in trusty was vulnerable but has been fixed (note: '2.0.0+dfsg-3+deb8u1build0.14.04.1'). OR The 'sdl-image1.2' package in trusty was vulnerable but has been fixed (note: '1.2.12-5+deb9u1build0.14.04.1').