2017-02-15
Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file.
Products | Autotrace
Type | Out-of-bounds Write (CWE-787)
First patch | None (likely due to unavailable code)
Links |
• https://security.gentoo.org/glsa/201708-09
• http://www.openwall.com/lists/oss-security/2016/09/10/3
• http://www.securityfocus.com/bid/92907
• https://blogs.gentoo.org/ago/2016/09/10/autotrace-heap-based-buffer-overflow-in-pstoedit_suffix_table_init-output-pstoedit-c/
• http://www.openwall.com/lists/oss-security/2016/09/12/7