Vulnerabilities > Potrace Project

DATE CVE VULNERABILITY TITLE RISK
2017-08-01 CVE-2017-12067 Out-of-bounds Read vulnerability in Potrace Project Potrace 1.14
Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.
network
low complexity
potrace-project CWE-125
7.5
2017-03-26 CVE-2017-7263 Out-of-bounds Read vulnerability in Potrace Project Potrace 1.14
The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image.
local
low complexity
potrace-project CWE-125
7.8
2017-01-31 CVE-2016-8703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8702 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8701 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8700 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8699 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8698 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.
local
low complexity
potrace-project CWE-119
7.8
2017-01-31 CVE-2016-8697 Divide By Zero vulnerability in Potrace Project Potrace
The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.
local
low complexity
potrace-project CWE-369
5.5
2017-01-31 CVE-2016-8696 NULL Pointer Dereference vulnerability in Potrace Project Potrace
The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.
local
low complexity
potrace-project CWE-476
5.5