What is CVE-2019-5051?

CVE-2019-5051 is a high-severity vulnerability in Simple Directmedia, classified under CWE-390. CVSS score: 8.8/10. Published 2019-07-03.

How severe is CVE-2019-5051?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Simple Directmedia

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially cr…

EPSS: 0.014 (80.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

N/a Simple Directmedia — versions Simple DirectMedia Layer SDL2_image 2.0.4

Weakness classification (CWE)

CWE-390

References

[debian-lts-announce] 20190727 [SECURITY] [DLA 1865-1] sdl-image1.2 security update (mailing-list, x_refsource_MLIST)
openSUSE-SU-2019:2070 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2019:2108 (vendor-advisory, x_refsource_SUSE)
USN-4238-1 (vendor-advisory, x_refsource_UBUNTU)
talosintelligence.com/vulnerability_reports/TALOS-2019-0820 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-5051?: CVE-2019-5051 is a high-severity vulnerability in Simple Directmedia, classified under CWE-390. CVSS score: 8.8/10. Published 2019-07-03.
How severe is CVE-2019-5051?: High severity. CVSS v3 base score is 8.8 out of 10.