CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

Integer overflow

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

Double free

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

UBUNTU-CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

UBUNTU-CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19005

CVE-2019-19005 affects autotrace 0.31.1 (bitmap processing). The vulnerability is described as a bitmap double free in main.c, potentially leading to unspecified impact after a prior use-after-free in CVE-2017-9182. The connected Nessus entries corroborate that autotrace 0.31.1 is vulnerable and ...

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

CVE-2019-19004

CVE-2019-19004 affects autotrace 0.31.1: an integer overflow (biWidth*biBitCnt) in input-bmp.c can cause a malformed value to be passed to malloc via a BMP image. The vulnerability is part of multiple autotrace issues (also cited as CVE-2019-19005 and CVE-2022-32323 in related advisories). Impact...

PT-2021-9015 · Autotrace +5 · Autotrace +5

Name of the Vulnerable Software and Affected Versions: autotrace version 0.31.1 Description: A biWidthbiBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. This issue can be exploited by providing a specially crafted...

PT-2021-9016 · Autotrace +5 · Autotrace +5

Name of the Vulnerable Software and Affected Versions: autotrace version 0.31.1 Description: A bitmap double free issue in the main.c file of autotrace allows attackers to cause an unspecified impact via a malformed bitmap image. This issue may occur after a use-after-free error. Recommendations:...

CVE-2020-27000

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...

OSV-2021-315 Global-buffer-overflow in Gfx::decode_frame

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30507 Crash type: Global-buffer-overflow READ 4 Crash state: Gfx::decodeframe Gfx::GIFImageDecoderPlugin::frame Gfx::GIFImageDecoderPlugin::bitmap...

EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2021-1066)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in updatereadbitmapdata that allows client memory to be read to an imag...

DEBIAN-CVE-2020-14409

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

UBUNTU-CVE-2020-14409

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

UBUNTU-CVE-2020-14410

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

CVE-2021-21460

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...