PT-2018-1091 · Sam2P · Sam2P
Fantasy7082
Published: 2018-02-23
Updated: 2020-12-17
CVE-2018-7554
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
sam2p version 0.49.4
Description
The issue is related to an invalid free in the ReadImage function in input-bmp.ci, which can cause a segmentation fault. A crafted input can lead to a denial of service or possibly other unspecified impacts. The vulnerability is associated with the use of memory after it has been freed, which can be exploited by a remote attacker to cause a denial of service or other effects.
Recommendations
For sam2p version 0.49.4, consider disabling the ReadImage function in input-bmp.ci as a temporary workaround to minimize the risk of exploitation. Restrict the use of crafted inputs to prevent potential denial of service or other impacts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Sam2P