Oval Definition:oval:org.opensuse.security:def:201714448
Revision Date:2022-06-30Version:1
Title:CVE-2017-14448
Description:

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-14448
SUSE-SU-2018:3657-1
openSUSE-SU-2018:0734-1
Mitre CVE-2017-14448
SUSE CVE-2017-14448
SUSE-SU-2018:3657-1
openSUSE-SU-2018:0734-1
Platform(s):openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • SDL2-2.0.8-18 is installed
  • AND SDL2 is signed with openSUSE key
  • OR
  • SDL2_image-2.0.3-13.10 is installed
  • AND SDL2_image is signed with openSUSE key
  • OR
  • libSDL2-2_0-0-2.0.8-18 is installed
  • AND libSDL2-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2-2_0-0-32bit-2.0.8-18 is installed
  • AND libSDL2-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2-devel-2.0.8-18 is installed
  • AND libSDL2-devel is signed with openSUSE key
  • OR
  • libSDL2-devel-32bit-2.0.8-18 is installed
  • AND libSDL2-devel-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-2.0.3-13.10 is installed
  • AND libSDL2_image-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-32bit-2.0.3-13.10 is installed
  • AND libSDL2_image-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-devel-2.0.3-13.10 is installed
  • AND libSDL2_image-devel is signed with openSUSE key
  • OR
  • libSDL2_image-devel-32bit-2.0.3-13.10 is installed
  • AND libSDL2_image-devel-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • SDL_image-1.2.6-84.42 is installed
  • OR SDL_image-devel-1.2.6-84.42 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libSDL2_image-2_0-0-2.0.5-1.14 is installed
  • OR libSDL2_image-2_0-0-32bit-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-32bit-2.0.5-1.14 is installed
    • BACK