CVSS2: 10 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.141 Low
Percentile: 95.7%

Imager 0.56 and all earlier versions with BMP support have
a security issue when reading compressed 8-bit per pixel BMP
files where either a compressed run of data or a literal run
of data overflows the scan-line.
Such an overflow causes a buffer overflow in a malloc()
allocated memory buffer, possibly corrupting the memory arena
headers.
The effect depends on your system memory allocator: with glibc
this typically results in an abort, but with other memory
allocators it may be possible to cause local code execution.
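
The check that prevents this class of bug, as an added example (not Imager's code or its actual fix): a decoder for the standard BMP RLE8 encoding that rejects any compressed or literal run that would extend past the end of the current scan-line. The function name rle8_decode, its parameters and the sample bytes in main are constructed for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Decode BMP RLE8 data into dst (width*height bytes, rows in file order).
 * Returns 0 on success, -1 on malformed input. Names are this example's own. */
int rle8_decode(const unsigned char *src, size_t src_len,
                unsigned char *dst, size_t width, size_t height)
{
    size_t i = 0, x = 0, y = 0;          /* invariants: i <= src_len, x <= width */
    while (src_len - i >= 2) {
        size_t n = src[i], b = src[i + 1];
        i += 2;
        if (n > 0) {                     /* compressed run: n copies of byte b */
            if (y >= height || n > width - x)
                return -1;               /* run overflows the scan-line */
            memset(dst + y * width + x, (int)b, n);
            x += n;
        } else if (b == 0) {             /* escape 0: end of line */
            x = 0;
            y++;
        } else if (b == 1) {             /* escape 1: end of bitmap */
            return 0;
        } else if (b == 2) {             /* escape 2: delta, skip dx and dy */
            if (src_len - i < 2)
                return -1;
            size_t dx = src[i], dy = src[i + 1];
            i += 2;
            if (y >= height || dx > width - x || dy > height - y)
                return -1;
            x += dx;
            y += dy;
        } else {                         /* literal run of b bytes */
            size_t padded = b + (b & 1); /* source data is padded to even length */
            if (y >= height || b > width - x || src_len - i < padded)
                return -1;               /* overflows the scan-line or the input */
            memcpy(dst + y * width + x, src + i, b);
            x += b;
            i += padded;
        }
    }
    return -1;                           /* missing end-of-bitmap marker */
}

int main(void)
{
    /* Constructed input: a 5-pixel run aimed at a 4-pixel-wide scan-line. */
    const unsigned char bad[] = { 5, 0xAA, 0, 1 };
    unsigned char row[4];
    return rle8_decode(bad, sizeof bad, row, 4, 1) == -1 ? 0 : 1;
}
```

Both bounds are checked before any byte is written, so a rejected file leaves the allocated buffer and the allocator's bookkeeping untouched.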