CVE-2013-1953

Published: 09/12/2013 Updated: 13/12/2013
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent malicious users to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow.
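An added illustration of the bug class in the summary, not AutoTrace's code: a BMP info-header reader that rejects a biSize smaller than its own 4-byte field before subtracting, then bounds the result against the destination buffer. The 64-byte buffer, the function names and the sample header are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FILE_HDR_LEN   14u  /* "BM", file size, reserved, pixel offset */
#define SIZE_FIELD_LEN  4u  /* biSize itself, consumed before the rest is read */
#define INFO_BUF_LEN   64u  /* assumed fixed buffer for the rest of the info header */

enum bmp_status { BMP_OK, BMP_TRUNCATED, BMP_BAD_MAGIC,
                  BMP_BISIZE_TOO_SMALL, BMP_BISIZE_TOO_LARGE };

static uint32_t le32(const unsigned char *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* The length an unchecked reader would request: wraps for biSize < 4. */
uint32_t unchecked_rest_len(uint32_t biSize) { return biSize - SIZE_FIELD_LEN; }

/* Copy the info-header bytes that follow biSize into info[], validating first. */
enum bmp_status read_info_header(const unsigned char *file, size_t file_len,
                                 unsigned char info[INFO_BUF_LEN], size_t *info_len) {
    if (file_len < FILE_HDR_LEN + SIZE_FIELD_LEN) return BMP_TRUNCATED;
    if (file[0] != 'B' || file[1] != 'M') return BMP_BAD_MAGIC;

    uint32_t biSize = le32(file + FILE_HDR_LEN);
    if (biSize < SIZE_FIELD_LEN) return BMP_BISIZE_TOO_SMALL;  /* blocks the underflow */
    size_t rest = biSize - SIZE_FIELD_LEN;                     /* cannot wrap now */
    if (rest > INFO_BUF_LEN) return BMP_BISIZE_TOO_LARGE;      /* blocks the overflow */
    if (rest > file_len - FILE_HDR_LEN - SIZE_FIELD_LEN) return BMP_TRUNCATED;

    memcpy(info, file + FILE_HDR_LEN + SIZE_FIELD_LEN, rest);
    *info_len = rest;
    return BMP_OK;
}

/* Constructed sample: zero-filled BMP header with a caller-chosen biSize.
 * len must be at least FILE_HDR_LEN + SIZE_FIELD_LEN. */
void make_sample(unsigned char *buf, size_t len, uint32_t biSize) {
    memset(buf, 0, len);
    buf[0] = 'B'; buf[1] = 'M';
    for (int i = 0; i < 4; i++)
        buf[FILE_HDR_LEN + i] = (unsigned char)(biSize >> (8 * i));
}
```

A production parser would go further and accept only the header sizes it actually understands, such as 12 or 40, rather than any value that fits the buffer.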

Vulnerable Product

autotrace project autotrace 0.31.1

Vendor Advisories

Debian Bug report logs - #742873 autotrace: CVE-2013-1953 Package: autotrace; Maintainer for autotrace is (unknown); Reported by: Moritz Muehlenhoff <jmm@inutil.org> Date: Fri, 28 Mar 2014 12:27:07 UTC Owned by: dirson@debian.org Severity: grave Tags: patch, security Found in version autotrace/0.31.1-15 Fixed in version au ...
Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow ...