CVE-2017-16663

Опубликовано: 08 нояб. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.

Ссылки

https://github.com/pts/sam2p/issues/16
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00031.html
https://github.com/pts/sam2p/issues/16
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00031.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sam2p_project:sam2p:0.49.4:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00175

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2017-16663

CVSS3: 5.5

ubuntu

около 8 лет назад

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.

CVE-2017-16663

CVSS3: 5.5

debian

около 8 лет назад

In sam2p 0.49.4, there are integer overflows (with resultant heap-base ...

GHSA-prvx-c5j5-9gxq

CVSS3: 5.5

github

больше 3 лет назад

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.

EPSS

Процентиль: 39%

0.00175

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190