Lucene search

Veracode Vulnerability DatabaseVERACODE:7667

HistoryNov 01, 2018 - 6:22 a.m.

Denial Of Service (DoS)

2018-11-0106:22:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

libautotrace.so is vulnerable to denial of service. An attacker is able to cause a denial of service condition via a crafted bmp image file by exploiting a heap-based buffer overflow vulnerability in pstoedit_suffix_table_init function in output-pstoedit.c.

CPENameOperatorVersion
libautotrace.soeq3.0.0

CPE	Name	Operator	Version
	libautotrace.so	eq	3.0.0

References

github.com/autotrace/autotrace/commit/2d18309982e99988b036865b09981adf9cd774e0

github.com/autotrace/autotrace/issues/1

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

Related for VERACODE:7667