A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
References
| Link | Resource |
|---|---|
| https://github.com/autotrace/autotrace/commits/master | Patch Third Party Advisory |
| https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c | Patch Third Party Advisory |
| https://github.com/autotrace/autotrace/pull/40 | Patch Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/ |
Configurations
History
01 Jan 2022, 18:13
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* | |
| References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/ - Mailing List, Third Party Advisory |
Information
Published : 2021-02-11 21:15
Updated : 2024-02-04 21:23
NVD link : CVE-2019-19004
Mitre link : CVE-2019-19004
CVE.ORG link : CVE-2019-19004
JSON object : View
Products Affected
autotrace_project
- autotrace
fedoraproject
- fedora
CWE
CWE-190
Integer Overflow or Wraparound