Vulnerabilities > CVE-2018-7553 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DLA-1340.NASL |
description | Multiple invalid frees and buffer-overflow vulnerabilities were discovered in sam2p, a utility to convert raster images and other image formats, that may lead to a denial of service (application crash) or unspecified other impact. For Debian 7 |
last seen | 2020-03-17 |
modified | 2018-04-10 |
plugin id | 108901 |
published | 2018-04-10 |
reporter | This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/108901 |
title | Debian DLA-1340-1 : sam2p security update |
References
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891527
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891527
- https://github.com/pts/sam2p/issues/32
- https://github.com/pts/sam2p/issues/32
- https://lists.debian.org/debian-lts-announce/2018/04/msg00004.html
- https://lists.debian.org/debian-lts-announce/2018/04/msg00004.html