{"id":"CVE-2017-7875","details":"In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.","modified":"2026-02-16T04:39:29.872521Z","published":"2017-04-14T18:59:01.173Z","related":["MGASA-2017-0137","MGASA-2017-0149","openSUSE-SU-2024:10751-1"],"references":[{"type":"WEB","url":"https://feh.finalrewind.org/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00021.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97689"},{"type":"ADVISORY","url":"https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201707-08"},{"type":"FIX","url":"https://feh.finalrewind.org/"},{"type":"FIX","url":"https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/derf/feh","events":[{"introduced":"0"},{"fixed":"f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d"}]}],"versions":["1.10","1.10.1","1.11","1.12","1.13","1.14","1.14.1","1.14.2","1.15","1.15.1","1.16","1.16.1","1.16.2","1.3.5","1.4","1.4.1","1.4.2","1.4.3","1.5","1.6","1.6.1","1.7","1.8","1.9","2.0","2.1","2.10","2.11","2.12","2.13","2.13.1","2.14","2.15","2.15.1","2.15.2","2.15.3","2.15.4","2.16","2.16.1","2.16.2","2.17","2.17.1","2.18","2.18.1","2.18.2","2.2","2.3","2.4","2.5","2.6","2.6.1","2.6.2","2.6.3","2.7","2.8","2.9","2.9.1","2.9.2","2.9.3"],"database_specific":{"vanir_signatures":[{"id":"CVE-2017-7875-2316f0a4","target":{"file":"src/wallpaper.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["114611271374651776628541093080720029731","41834195195041888171198261125242210801","108368789263570908763498376805416493156","238841293264128875907687015485774305246"]},"source":"https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d","deprecated":false,"signature_version":"v1"},{"id":"CVE-2017-7875-5f505e22","target":{"function":"enl_ipc_get","file":"src/wallpaper.c"},"signature_type":"Function","digest":{"length":677,"function_hash":"102306032804263360865648438411247829941"},"source":"https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d","deprecated":false,"signature_version":"v1"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7875.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}