Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netsurf-browser libnsbmp 0.1.2 |