Published: 11/02/2021 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows malicious users to provide an unexpected input value to malloc via a malformed bitmap image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
autotrace project autotrace 0.31.1
fedoraproject fedora 34

Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoeditc in AutoTrace 0311 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file (CVE-2016-7392) A biWidth*biBitCnt integer overflow in input-bmpc in autotrace 0311 allows attackers to provide an unexpected input ...

A biWidth*biBitCnt integer overflow in input-bmpc in autotrace 0311 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image (CVE-2019-19004) A bitmap double free in mainc in autotrace 0311 allows attackers to cause an unspecified impact via a malformed bitmap image This may occur after the use-after-free ...

CWE-190 https://github.com/autotrace/autotrace/commits/master https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c https://github.com/autotrace/autotrace/pull/40 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-1929.html

CVE-2019-19004

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect