Peter Lemenkov - Security Researcher - Exploit Intelligence Platform

CVE-2019-19004 WRITEUP LOW STUB

autotrace 0.31.1 - Integer Overflow in input-bmp.c

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

CVSS 3.3

View Code

CVE-2019-19004 WRITEUP LOW STUB

autotrace 0.31.1 - Integer Overflow in input-bmp.c

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

CVSS 3.3

View Code

CVE-2019-19005 WRITEUP HIGH STUB

autotrace 0.31.1 - Double Free via Malformed Bitmap Image

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.

CVSS 7.8

View Code

CVE-2022-32323 WRITEUP HIGH WRITEUP

autotrace 0.40.0 - Heap Overflow in ReadImage Function

AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

CVSS 7.3

View Code