Fluid Attacks Database

Description

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel7	autotrace	-	-
rpm rhel6	autotrace	-	-
rpm rhel8	autotrace	<0:0.31.1-53.el8	0:0.31.1-53.el8

Aliases

1. CVE-2019-190042. NVD-2019-190043. OSV-2019-19004

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.