PT-2017-9753 · Libbpg+1 · Libbpg+1
Published
2017-01-26
·
Updated
2022-12-14
·
CVE-2016-8710
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Libbpg library (affected versions not specified)
Description
A heap write out of bounds vulnerability exists in the decoding of BPG images in the Libbpg library. Decoding a crafted BPG image can cause an integer underflow vulnerability, leading to an out of bounds heap write and potentially allowing remote code execution. This issue can be triggered by attempting to decode a crafted BPG image using the Libbpg library.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Libbpg