CVE-2019-6247 - OpenCVE

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Antigrain	Agg
Svgpp	Svgpp

Configuration 1 [-]

OR	cpe:2.3:a:antigrain:agg:2.4:::::::*
	cpe:2.3:a:svgpp:svgpp:1.2.3:::::::*

References

Link	Resource
https://github.com/svgpp/svgpp/issues/70	Exploit Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-01-13T00:00:00

Updated: 2023-04-01T00:00:00

Reserved: 2019-01-12T00:00:00

Link: CVE-2019-6247

JSON object: View

NVD Information

Status : Modified

Published: 2019-01-13T00:29:00.570

Modified: 2023-04-01T18:15:07.147

Link: CVE-2019-6247

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:antigrain:agg:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B11FD8B-B7E4-44AD-82BA-397070170963", "vulnerable": true}, {"criteria": "cpe:2.3:a:svgpp:svgpp:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2F983A1-285C-4EEE-9BC2-464D680F4539", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap."}, {"lang": "es", "value": "Se ha descubierto un problema en Anti-Grain Geometry (AGG) 2.4, tal y como se emplea en SVG++ (tambi\u00e9n conocido como svgpp) 1.2.3. Un error de desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en svgpp_agg_render podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo. En la funci\u00f3n render_scanlines_aa_solid, la funci\u00f3n blend_hline se llama m\u00faltiples veces repetidamente. blend_hline equivale a un bucle que contiene operaciones de escritura. Cada llamadas escribe un pedazo de datos de memoria din\u00e1mica (heap) y m\u00faltiples llamadas sobrescriben los datos en el heap."}], "id": "CVE-2019-6247", "lastModified": "2023-04-01T18:15:07.147", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-13T00:29:00.570", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/svgpp/svgpp/issues/70"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}