CVE-2017-11464

7.8HIGH

Key Information:

Vendor: Gnome
Status: Librsvg
Vendor: CVE Published:; 19 July 2017

Summary

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

References

https://bugzilla.gnome.org/show_bug.cgi?id=783835

x_refsource_CONFIRM

https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a2...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/99956

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2017
Vulnerability Reserved
Jul 19, 2017