Autotrace Project

55 total · sorted by risk
  • CVE-2016-7392 · Med · Feb 15, 2017
    risk 0.36 · cvss 5.5 · epss 0.02

    Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file.

  • CVE-2022-32323 · Jul 14, 2022
    risk 0.00 · cvss · epss 0.01

    AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

  • CVE-2019-19005 · Feb 11, 2021
    risk 0.00 · cvss · epss 0.01

    A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.

  • CVE-2019-19004 · Feb 11, 2021
    risk 0.00 · cvss · epss 0.01

    A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

  • CVE-2013-1953 · Dec 9, 2013
    risk 0.00 · cvss · epss 0.02

    Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow.
