libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the
GET_COLOR function in color.c:16:11.
Author | Note |
---|---|
msalvatore | The latest version of AutoTrace was released in 2002. Unless this project is forked or adopted by a new maintainer, this vulnerability will likely never be fixed. |