Security Vulnerabilities - CVEs Published In May 2017
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-23
imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-23
imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-23
The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-23