Autotrace Project Autotrace vulnerabilities

CVE-2017-9198 [CRITICAL] CWE-190 CVE-2017-9198: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:50 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.

CVE-2017-9166 [CRITICAL] CWE-125 CVE-2017-9166: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in co libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.

CVE-2017-9192 [CRITICAL] CWE-119 CVE-2017-9192: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.

CVE-2017-9186 [CRITICAL] CWE-190 CVE-2017-9186: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:32 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17.

CVE-2017-9172 [CRITICAL] CWE-119 CVE-2017-9172: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29.

CVE-2017-9161 [CRITICAL] CWE-190 CVE-2017-9161: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:18 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23.

CVE-2017-9167 [CRITICAL] CWE-119 CVE-2017-9167: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25.

CVE-2017-9199 [CRITICAL] CWE-190 CVE-2017-9199: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:19 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.

CVE-2017-9163 [CRITICAL] CWE-119 CVE-2017-9163: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c: libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54.

CVE-2017-9170 [CRITICAL] CWE-119 CVE-2017-9170: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25.

CVE-2017-9195 [CRITICAL] CWE-125 CVE-2017-9195: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in in libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.

CVE-2017-9171 [CRITICAL] CWE-125 CVE-2017-9171: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in in libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24.

CVE-2017-9191 [CRITICAL] CWE-119 CVE-2017-9191: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.

CVE-2017-9188 [CRITICAL] CWE-20 CVE-2017-9188: libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63.

CVE-2017-9196 [CRITICAL] CWE-190 CVE-2017-9196: libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in in libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.

CVE-2017-9168 [CRITICAL] CWE-119 CVE-2017-9168: libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in inp libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25.

CVE-2017-9174 [HIGH] CWE-125 CVE-2017-9174: libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid rea libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:21:23.

CVE-2017-9189 [HIGH] CWE-125 CVE-2017-9189: libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid rea libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

CVE-2017-9155 [HIGH] CWE-125 CVE-2017-9155: libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid rea libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3.

CVE-2017-9180 [HIGH] CWE-125 CVE-2017-9180: libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid rea libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:440:14.