{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2018-3839", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "datePublished": "2018-04-10T21:00:00Z", "dateUpdated": "2024-09-16T22:57:08.509Z", "dateReserved": "2018-01-02T00:00:00"}, "containers": {"cna": {"datePublic": "2018-04-10T00:00:00", "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2022-10-11T00:00:00"}, "descriptions": [{"lang": "en", "value": "An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability."}], "affected": [{"vendor": "Cisco Systems, Inc.", "product": "Simple DirectMedia", "versions": [{"version": "Simple DirectMedia Layer SDL2_image 2.0.2", "status": "affected"}]}], "references": [{"name": "DSA-4177", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2018/dsa-4177"}, {"name": "DSA-4184", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2018/dsa-4184"}, {"name": "GLSA-201903-17", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/201903-17"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521"}, {"url": "https://www.starwindsoftware.com/security/sw-20191008-0002/"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Heap Based Overflow"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T04:57:23.945Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4177", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4177"}, {"name": "DSA-4184", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4184"}, {"name": "GLSA-201903-17", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/201903-17"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521", "tags": ["x_transferred"]}, {"url": "https://www.starwindsoftware.com/security/sw-20191008-0002/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libsdl:sdl_image:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8ACCFE82-277E-4B12-8BD4-C7B8FBFB37BD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*", "matchCriteriaId": "0E5C2815-65C8-48D7-BF31-6104EDD0CBE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*", "matchCriteriaId": "6FF4A265-AFFD-4853-B3CE-A55E950E8B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*", "matchCriteriaId": "E6484296-5BA8-408A-A087-A0D86BA50703", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad explotable de ejecuci\u00f3n de c\u00f3digo en la funcionalidad de renderizaci\u00f3n de im\u00e1genes XCF de Simple DirectMedia Layer SDL2_image-2.0.2. Una imagen XCF especialmente manipulada puede provocar una escritura fuera de l\u00edmites en la memoria din\u00e1mica (heap), lo que resulta en la ejecuci\u00f3n de c\u00f3digo. Un atacante puede mostrar una imagen especialmente manipulada para provocar esta vulnerabilidad."}], "id": "CVE-2018-3839", "lastModified": "2024-11-21T04:06:08.700", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-10T21:29:00.343", "references": [{"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201903-17"}, {"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4177"}, {"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4184"}, {"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://www.starwindsoftware.com/security/sw-20191008-0002/"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201903-17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4184"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.starwindsoftware.com/security/sw-20191008-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}