Clmg · Clmg · CVE-2022-1325
**Name of the Vulnerable Software and Affected Versions**
Clmg (affected versions not specified)
**Description**
A flaw in Clmg allows an attacker to trick the application into allocating huge buffers, such as 64 gigabytes, by supplying a maliciously crafted Pandore or BMP file with modified `dx` and `dy` header field values. The allocation is triggered when the application reads the file, whether from disk or from a virtual buffer.
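A caller-side check for the BMP case described above, as an added example (not the library's code and not an official fix): it reads the width and height fields, named `dx` and `dy` as in the description, and rejects the file when the implied pixel array exceeds a caller-chosen cap or the bytes actually present. The function names, the `cap` parameter and the restriction to uncompressed files with a 40-byte BITMAPINFOHEADER are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

static uint32_t le32(const uint8_t* p) {
    return uint32_t(p[0]) | uint32_t(p[1]) << 8 | uint32_t(p[2]) << 16 | uint32_t(p[3]) << 24;
}

// Returns true only if the uncompressed pixel array implied by dx/dy/bpp
// fits both the caller's cap and the bytes actually present in the buffer.
// On success *needed holds the allocation size in bytes.
bool bmp_dims_plausible(const uint8_t* buf, size_t len, uint64_t cap, uint64_t* needed) {
    if (len < 54 || buf[0] != 'B' || buf[1] != 'M') return false;
    const uint64_t offset = le32(buf + 10);               // start of pixel data
    const int64_t dx = int32_t(le32(buf + 18));           // width
    const int64_t dy = int32_t(le32(buf + 22));           // height, negative = top-down
    const unsigned bpp = buf[28] | buf[29] << 8;
    const uint32_t compression = le32(buf + 30);
    if (dx <= 0 || dy == 0) return false;
    if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32) return false;
    if (compression != 0) return false;                   // only uncompressed (BI_RGB) data is handled here
    if (offset < 54 || offset > len) return false;
    const uint64_t ady = uint64_t(dy < 0 ? -dy : dy);
    const uint64_t row = ((uint64_t(dx) * bpp + 31) / 32) * 4;  // rows are padded to 4 bytes
    if (row > cap || ady > cap / row) return false;       // division avoids overflow in row * ady
    const uint64_t total = row * ady;
    if (total > len - offset) return false;               // header claims more than the file holds
    *needed = total;
    return true;
}

// Constructed sample input: a 54-byte BMP header followed by `payload` zero bytes.
std::vector<uint8_t> make_bmp(int32_t dx, int32_t dy, uint16_t bpp, size_t payload) {
    std::vector<uint8_t> b(54 + payload, 0);
    auto put32 = [&](size_t at, uint32_t v) {
        for (int i = 0; i < 4; ++i) b[at + i] = uint8_t(v >> (8 * i));
    };
    b[0] = 'B'; b[1] = 'M';
    put32(2, uint32_t(b.size())); put32(10, 54); put32(14, 40);
    put32(18, uint32_t(dx)); put32(22, uint32_t(dy));
    b[26] = 1; b[28] = uint8_t(bpp); b[29] = uint8_t(bpp >> 8);
    return b;
}
```

Run the check on the raw header bytes before handing the file or buffer to the image loader, and size `cap` to the largest image the application legitimately expects.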
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.