CVE-2019-19004

Published: 11/02/2021 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows malicious users to provide an unexpected input value to malloc via a malformed bitmap image.

Vulnerable Product

autotrace project autotrace 0.31.1

fedoraproject fedora 34

Vendor Advisories

Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file (CVE-2016-7392). A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input ...
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image (CVE-2019-19004). A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free ...