Vulnerabilities > CVE-2018-7487 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

sam2p-project

debian

CWE-787

nessus

NVD

Published: 2018-02-26

Updated: 2020-08-24

Summary

There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. A Crafted input will lead to a denial of service or possibly unspecified other impact.

Vulnerable Configurations

Part	Description	Count
Application	Sam2P_Project Sam2P Project Sam2P 0.49.4	1
OS	Debian Debian Debian Linux 7.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-1340.NASL
description	Multiple invalid frees and buffer-overflow vulnerabilities were discovered in sam2p, a utility to convert raster images and other image formats, that may lead to a denial of service (application crash) or unspecified other impact. For Debian 7
last seen	2020-03-17
modified	2018-04-10
plugin id	108901
published	2018-04-10
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/108901
title	Debian DLA-1340-1 : sam2p security update

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References