A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
References
Link | Resource |
---|---|
https://github.com/autotrace/autotrace/commits/master | Patch Third Party Advisory |
https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c | Patch Third Party Advisory |
https://github.com/autotrace/autotrace/pull/40 | Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/ |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-11T20:08:15
Updated: 2021-05-10T02:06:21
Reserved: 2019-11-15T00:00:00
Link: CVE-2019-19004
JSON object: View
NVD Information
Status : Modified
Published: 2021-02-11T21:15:12.180
Modified: 2023-11-07T03:07:23.380
Link: CVE-2019-19004
JSON object: View
Redhat Information
No data.
CWE