ALAS2023-2023-004 --- autotrace| ID: oval:org.secpod.oval:def:19500072 | Date: (C)2023-06-12 (M)2023-06-12 |
| Class: PATCH | Family: unix |
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182
| Platform: |
| Amazon Linux 2023 |
