ID CVE-2018-7554
Summary There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
References
Vulnerable Configurations
  • cpe:2.3:a:sam2p_project:sam2p:0.49.4:*:*:*:*:*:*:*
    cpe:2.3:a:sam2p_project:sam2p:0.49.4:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 01-03-2019 - 17:12)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
misc
mlist [debian-lts-announce] 20180406 [SECURITY] [DLA 1340-1] sam2p security update
Last major update 01-03-2019 - 17:12
Published 28-02-2018 - 06:29
Last modified 01-03-2019 - 17:12
Back to Top