CVE-2017-8326

HIGH Year: 2017
CVSS v3 Score
8.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-682
View all →

Vulnerability Description

libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c.

Related Vulnerabilities

CVE-2017-12134

HIGH
CVSS:8.8(High)

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, caus...

CWE-6822017

CVE-2017-12135

HIGH
CVSS:8.8(High)

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.

CWE-6822017

CVE-2017-13151

HIGH
CVSS:8.8(High)

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.

CWE-6822017

CVE-2017-8905

HIGH
CVSS:8.8(High)

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.

CWE-6822017

CVE-2019-16346

HIGH
CVSS:8.8(High)

ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

CWE-6822019

CVE-2019-16347

HIGH
CVSS:8.8(High)

ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

CWE-6822019