Vulnerabilities > CVE-2013-1953 - Numeric Errors vulnerability in Autotrace Project Autotrace 0.31.1

047910
CVSS v2 base score 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Autotrace_Project
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-11904.NASL
    description: This is an update that fixes possible buffer overflow when parsing BMP files. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-07-12
    plugin id: 67329
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/67329
    title: Fedora 19 : autotrace-0.31.1-34.fc19 (2013-11904)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2013-11904.
    #
    
    include("compat.inc");
    
    # Registration block: when `description` is set the plugin only declares
    # its metadata (identifiers, text, scoring, prerequisites) and exits via
    # the exit(0) at the end of the block, so no host data is examined here.
    if (description)
    {
      script_id(67329);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # Cross-references that tie a finding from this plugin to the CVE, the
      # Bugtraq entry and the Fedora advisory it was derived from.
      script_cve_id("CVE-2013-1953");
      script_bugtraq_id(59075);
      script_xref(name:"FEDORA", value:"2013-11904");
    
      script_name(english:"Fedora 19 : autotrace-0.31.1-34.fc19 (2013-11904)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This is an update that fixes possible buffer overflow when parsing BMP
    files.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=951257"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111050.html
      # NOTE(review): the short link below presumably resolves to the
      # package-announce URL recorded in the comment above - confirm.
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8cd29056"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected autotrace package."
      );
      # CVSS v2 base vector: network access, medium complexity, no
      # authentication, partial confidentiality/integrity/availability impact.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      # Temporal vector: exploitability and report confidence left "not
      # defined"; remediation level is "official fix".
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:ND");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin type: the check works from package data gathered on the
      # host (see the required KB keys below), not from probing a service.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:autotrace");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/06/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # Prerequisites: the plugin is declared to depend on ssh_get_info.nasl
      # and on these knowledge-base keys being present. "Host/cpu" is read by
      # the check logic after this block but is not listed here; that code
      # handles a missing value itself with audit(AUDIT_UNKNOWN_ARCH).
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Check phase: decide whether a Fedora 19 host is missing the autotrace
    # update for CVE-2013-1953. Every guard below ends the script through
    # audit() with a specific reason, so the order of the guards determines
    # which reason is recorded when several conditions fail at once.
    # NOTE(review): the verdict rests on the rpm_check() package comparison
    # only; the BMP parser itself is never exercised, so a copy of AutoTrace
    # that is not in the collected RPM list (e.g. built from source) would
    # presumably not be assessed - confirm against rpm.inc.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the "is not a substring of" operator: bail out unless the
    # release string mentions Fedora.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    # Capture the numeric release; os_ver[1] is the first capture group.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    # Accept "19" only when followed by a non-digit or end of string, so a
    # value such as "190" is rejected.
    if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);
    
    # Without a collected RPM list there is nothing to compare against.
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Only x86_64 and i386..i686 hosts are evaluated; any other architecture
    # is reported as "local checks not implemented" rather than as unaffected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # rpm_check() comes from rpm.inc (not shown); presumably it returns true
    # when the installed autotrace package is older than the fixed reference
    # build named here - verify against rpm.inc.
    flag = 0;
    if (rpm_check(release:"FC19", reference:"autotrace-0.31.1-34.fc19")) flag++;
    
    
    if (flag)
    {
      # Report the finding on port 0 (not tied to a network port); at
      # non-zero verbosity the text from rpm_report_get() is attached.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # No finding: distinguish "package was tested and is not affected"
      # from "autotrace is not installed" using what pkg_tests_get() returns.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "autotrace");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2013-515.NASL
    description: This update of autotrace fixes a buffer overflow issue. - Fix stack-based buffer overflow in bmp parser (CVE-2013-1953.patch, bnc#815382, CVE-2013-1953).
    last seen: 2020-06-05
    modified: 2014-06-13
    plugin id: 75051
    published: 2014-06-13
    reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/75051
    title: openSUSE Security Update : autotrace (openSUSE-SU-2013:1044-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2013-515.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    # Registration block: when `description` is set the plugin only declares
    # its metadata (identifiers, text, scoring, prerequisites) and exits via
    # the exit(0) at the end of the block, so no host data is examined here.
    if (description)
    {
      script_id(75051);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      # Cross-references that tie a finding from this plugin to the CVE and
      # the Bugtraq entry.
      script_cve_id("CVE-2013-1953");
      script_bugtraq_id(59075);
    
      script_name(english:"openSUSE Security Update : autotrace (openSUSE-SU-2013:1044-1)");
      script_summary(english:"Check for the openSUSE-2013-515 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of autotrace fixes a buffer overflow issue.
    
      - Fix stack-based buffer overflow in bmp parser
        (CVE-2013-1953.patch, bnc#815382, CVE-2013-1953)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=815382"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2013-06/msg00168.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected autotrace packages."
      );
      # CVSS v2 base vector: network access, medium complexity, no
      # authentication, partial confidentiality/integrity/availability impact.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      # Temporal vector: exploitability "unproven", remediation level
      # "official fix", report confidence "confirmed".
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin type: the check works from package data gathered on the
      # host (see the required KB keys below), not from probing a service.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One CPE per package name covered by the rpm_check() calls in the check
      # logic, followed by the two openSUSE releases in scope.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:autotrace");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:autotrace-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:autotrace-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:autotrace-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libautotrace3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libautotrace3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
    
      # The plugin publication date is roughly a year after the patch date, so
      # scans run before the plugin existed could not have flagged this update.
      script_set_attribute(attribute:"patch_publication_date", value:"2013/06/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      # Prerequisites: the plugin is declared to depend on ssh_get_info.nasl
      # and on these knowledge-base keys, including "Host/cpu", being present.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Check phase: decide whether an openSUSE 12.2 / 12.3 host is missing the
    # autotrace update for CVE-2013-1953. Every guard below ends the script
    # through audit() with a specific reason, so the order of the guards
    # determines which reason is recorded when several conditions fail.
    # NOTE(review): the verdict rests on the rpm_check() package comparisons
    # only; the BMP parser itself is never exercised, so a copy of AutoTrace
    # that is not in the collected RPM list (e.g. built from source) would
    # presumably not be assessed - confirm against rpm.inc.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    # SLED/SLES release strings are rejected as "not openSUSE"; after that
    # only the exact values SUSE12.2 and SUSE12.3 are accepted.
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE12\.2|SUSE12\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.2 / 12.3", release);
    # Without a collected RPM list there is nothing to compare against.
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Only i586, i686 and x86_64 hosts are evaluated; any other architecture
    # is audited out as AUDIT_ARCH_NOT rather than reported as unaffected.
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    # rpm_check() comes from rpm.inc (not shown); presumably it returns true
    # when the named installed package is older than the fixed reference
    # build - verify against rpm.inc. Each package is checked in its own
    # statement, so every call runs regardless of earlier results; `flag` is
    # afterwards used only as a zero / non-zero indicator.
    if ( rpm_check(release:"SUSE12.2", reference:"autotrace-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"autotrace-debuginfo-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"autotrace-debugsource-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"autotrace-devel-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"libautotrace3-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"libautotrace3-debuginfo-0.31.1-635.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"autotrace-0.31.1-637.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"autotrace-debuginfo-0.31.1-637.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"autotrace-debugsource-0.31.1-637.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"autotrace-devel-0.31.1-637.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"libautotrace3-0.31.1-637.4.1") ) flag++;
    if ( rpm_check(release:"SUSE12.3", reference:"libautotrace3-debuginfo-0.31.1-637.4.1") ) flag++;
    
    if (flag)
    {
      # Report the finding on port 0 (not tied to a network port); at
      # non-zero verbosity the text from rpm_report_get() is attached.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # No finding: distinguish "packages were tested and are not affected"
      # from "none of the packages is installed" using pkg_tests_get().
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "autotrace / autotrace-debuginfo / autotrace-debugsource / etc");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-12032.NASL
    description: This is an update that fixes possible buffer overflow when parsing BMP files. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-07-12
    plugin id: 67333
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/67333
    title: Fedora 18 : autotrace-0.31.1-34.fc18 (2013-12032)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2013-190.NASL
    description: Updated autotrace package fixes security vulnerability : Stack-based buffer overflow in bmp parser (CVE-2013-1953). Updated autotrace package corrects the issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67135
    published: 2013-07-03
    reporter: This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/67135
    title: Mandriva Linux Security Advisory : autotrace (MDVSA-2013:190)