Vulnerability Details CVE-2017-11464
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/99956
- https://bugzilla.gnome.org/show_bug.cgi?id=783835
- https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html
- https://usn.ubuntu.com/4436-1/
- http://www.securityfocus.com/bid/99956
- https://bugzilla.gnome.org/show_bug.cgi?id=783835
- https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html
- https://usn.ubuntu.com/4436-1/