CVE-2017-14630 — Integer Overflow or Wraparound in Project Sam2p

Severity

9.8CRITICALNVD

EPSS

0.4%

top 39.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 21

Latest updateMay 17

Description

In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶Ubuntusam2p_project/sam2p< 0.49.2-3+deb8u3build0.14.04.1+1

GHSA

GHSA-vfw2-f2w7-m2j3: In sam2p 0↗2022-05-17

▶

CVEList

CVE-2017-14630: In sam2p 0↗2017-09-21

▶

OSV

CVE-2017-14630: In sam2p 0↗2017-09-21

▶