Vulnerabilities > Sam2P Project > Sam2P > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-20 CVE-2018-12601 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
network
low complexity
sam2p-project debian CWE-787
7.5
2018-06-19 CVE-2018-12578 Out-of-bounds Write vulnerability in Sam2P Project Sam2P 0.49.4
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
network
low complexity
sam2p-project CWE-787
7.5
2018-05-26 CVE-2018-11490 Improper Validation of Array Index vulnerability in multiple products
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked.
8.8
2018-05-26 CVE-2018-11489 Improper Validation of Array Index vulnerability in multiple products
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked.
network
low complexity
sam2p-project giflib-project CWE-129
8.8
2018-02-28 CVE-2018-7554 Use After Free vulnerability in multiple products
There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-416
7.5
2018-02-28 CVE-2018-7553 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-787
7.5
2018-02-28 CVE-2018-7552 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-119
7.5
2018-02-28 CVE-2018-7551 Use After Free vulnerability in multiple products
There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-416
7.5
2017-09-22 CVE-2017-14637 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sam2P Project Sam2P 0.49.3
In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp.
network
low complexity
sam2p-project CWE-119
7.5
2017-09-22 CVE-2017-14636 Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.3
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp.
network
low complexity
sam2p-project CWE-190
7.5