Fluid Attacks Database

Description

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GET_COLOR function in color.c:16:11.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package
rpm rhel6	autotrace
rpm rhel7	autotrace

Aliases

1. CVE-2017-91822. NVD-2017-91823. OSV-2017-9182

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.