Vulnerabilities > Sam2P Project

DATE CVE VULNERABILITY TITLE RISK
2018-02-26 CVE-2018-7487 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4.
local
low complexity
sam2p-project debian CWE-787
7.8
2017-11-08 CVE-2017-16663 Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.4
In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.
local
low complexity
sam2p-project CWE-190
5.5
2017-09-22 CVE-2017-14637 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp.
network
low complexity
sam2p-project CWE-119
critical
9.8
2017-09-22 CVE-2017-14636 Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.3
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp.
network
low complexity
sam2p-project CWE-190
critical
9.8
2017-09-21 CVE-2017-14631 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integer signedness error leading to a heap-based buffer overflow.
network
low complexity
sam2p-project CWE-119
critical
9.8
2017-09-21 CVE-2017-14630 Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation.
network
low complexity
sam2p-project CWE-190
critical
9.8
2017-09-21 CVE-2017-14629 Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element.
network
low complexity
sam2p-project CWE-190
7.5
2017-09-21 CVE-2017-14628 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp.
network
low complexity
sam2p-project CWE-119
critical
9.8