Red Hat Customer Portal

Skip to main content

CVE-2013-1953

Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow.

Details Source

Mitre

Public Date

2013-04-16 00:00:00

Impact

Low

Bugzilla

CVE-2013-1953 autotrace: buffer overflow when parsing BMP files

Bugzilla ID

951 257

CVSS Status

draft

Base Score

2.10

Base Metrics

AV:L/AC:L/Au:N/C:N/I:N/A:P

Acknowledgements

This issue was discovered by Murray McAllister of Red Hat Security Response Team.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 autotrace Not affected
Red Hat Enterprise Linux 6 autotrace Will not fix