Double free

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

UBUNTU-CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19005

CVE-2019-19005 affects autotrace 0.31.1 (bitmap processing). The vulnerability is described as a bitmap double free in main.c, potentially leading to unspecified impact after a prior use-after-free in CVE-2017-9182. The connected Nessus entries corroborate that autotrace 0.31.1 is vulnerable and ...

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19004

CVE-2019-19004 affects autotrace 0.31.1: an integer overflow (biWidth*biBitCnt) in input-bmp.c can cause a malformed value to be passed to malloc via a BMP image. The vulnerability is part of multiple autotrace issues (also cited as CVE-2019-19005 and CVE-2022-32323 in related advisories). Impact...

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

PT-2021-9016 · Autotrace +5 · Autotrace +5

Name of the Vulnerable Software and Affected Versions: autotrace version 0.31.1 Description: A bitmap double free issue in the main.c file of autotrace allows attackers to cause an unspecified impact via a malformed bitmap image. This issue may occur after a use-after-free error. Recommendations:...

PT-2021-9015 · Autotrace +5 · Autotrace +5

Name of the Vulnerable Software and Affected Versions: autotrace version 0.31.1 Description: A biWidthbiBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. This issue can be exploited by providing a specially crafted...

CVE-2020-27000

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...

OSV-2021-315 Global-buffer-overflow in Gfx::decode_frame

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30507 Crash type: Global-buffer-overflow READ 4 Crash state: Gfx::decodeframe Gfx::GIFImageDecoderPlugin::frame Gfx::GIFImageDecoderPlugin::bitmap...

EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2021-1066)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in updatereadbitmapdata that allows client memory to be read to an imag...

DEBIAN-CVE-2020-14409

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

UBUNTU-CVE-2020-14410

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

UBUNTU-CVE-2020-14409

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

CVE-2021-21456

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2021-21461

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2021-21460

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2021-21455

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

Qualcomm Wlan Firmware Input Validation Error Vulnerability

Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated. The Qualcomm Wlan Firmware suffers from an input validation error vulnerability that arises from time bitmap length and bit duration fields not being properly validated...

DEBIAN-CVE-2020-27772

A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned int. This would most likely lead to an impact to application availability, but could...