Zurück zur CVE-Übersicht
CVE-2017-8326
MEDIUM(6.8)AV:N/AC:M/Au:N/C:P/I:P/A:P
Risk Signal Score18/100 — NIEDRIG
- CVSS 6.8 — Mittel
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
6.8
Technische Schwere
Beschreibung
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c.
Referenzen
- https://blogs.gentoo.org/ago/2017/04/27/imageworsener-two-left-shift/
- https://github.com/jsummers/imageworsener/commit/a00183107d4b84bc8a714290e824ca9...
- https://security.gentoo.org/glsa/201706-06
- https://blogs.gentoo.org/ago/2017/04/27/imageworsener-two-left-shift/
- https://github.com/jsummers/imageworsener/commit/a00183107d4b84bc8a714290e824ca9...
- https://security.gentoo.org/glsa/201706-06