CVE-2019-6247

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-6247

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6247.json

Related

DLA-3376-1

Published

2019-01-13T00:29:00Z

Modified

2023-11-29T07:33:04.284796Z

Details

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgppaggrender may lead to code execution. In the renderscanlinesaasolid function, the blendhline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.

References

https://github.com/svgpp/svgpp/issues/70
https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html

Affected packages

Git / github.com/svgpp/svgpp

Affected ranges

Type: GIT
Repo: https://github.com/svgpp/svgpp
Events: Introduced

0The exact introduced commit is unknown

Last affected

17e54ff509ae8d9433b9e6d09b9855aac64ded99

Affected versions

v1.*

v1.2.2

v1.2.3