CVE-2019-13616 - log

CVE-2019-13616 edited at 11 Oct 2019 08:20:33
Severity
- Critical
+ High
CVE-2019-13616 edited at 11 Oct 2019 08:20:26
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A heap-based buffer overflow was discovered in SDL in the SDL_BlitCopy() function, that was called while copying an existing surface into a new optimized one, due to lack of validation while loading a BMP image in the SDL_LoadBMP_RW() function. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or possibly execute code.
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4538
+ https://hg.libsdl.org/SDL/rev/ad1bbfbca760
CVE-2019-13616 created at 11 Oct 2019 08:19:15
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes