CVE-2017-2575 in libbpginfo

Summary

A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

11/30/2016

Disclosure

08/22/2018

Moderation

VulDB entry created

Entries

VDB-123129 (1)

CPE

ready

CWE

CWE-476 (Confirmed)

CVSS

5.4

EPSS

0.00556

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-2575
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-2575
CVE Details	https://www.cvedetails.com/cve/CVE-2017-2575/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!