Security Vulnerabilities - CVEs Published In May 2017
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:440:14.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GET_COLOR function in color.c:16:11.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-05-23