CVE-2019-19004

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions autotrace version 0.31.1

Description A biWidth*biBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. This issue can be exploited by providing a specially crafted bitmap image.

Recommendations For autotrace version 0.31.1, update to a newer version that fixes the biWidth*biBitCnt integer overflow issue in input-bmp.c to prevent attackers from providing unexpected input values to malloc.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2021:4519

ALT-PU-2024-9579

CESA-2021_4519

CVE-2019-19004

OPENSUSE-SU-2022_0141-1

OPENSUSE-SU-2024:12090-1

RHSA-2021:4519

RHSA-2021_4519

Affected Products

Alt Linux

Almalinux

Centos

Red Hat

Suse

Autotrace

CVE-2019-19004

Weakness Enumeration

Related Identifiers

Affected Products

References · 15