Potrace 1.12 testing Denial Of Service Vulnerability

Summary

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image.

Credit:

The information has been provided by Agostino Sarubbo.
The original article can be found at: http://www.securityfocus.com/bid/93778


Details

Vulnerable Systems:
 * Potrace 1.12

Potrace is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.

CVE Information:
CVE-2016-8694

Disclosure Timeline:
Publish Date : 2017-01-31
Last Update Date : 2017-02-05
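
Added example (not part of the original advisory or of potrace itself): a shell check that reports whether an installed potrace predates the fixed release 1.13 named in the summary. The function names are hypothetical, and the script assumes the first line of `potrace --version` has the form "potrace <version>. Copyright ...".

```shell
#!/bin/sh
# Added example: flag potrace builds older than the fixed release.
FIXED="1.13"   # first fixed version, taken from the advisory summary

# version_lt A B: succeed if dotted version A is strictly older than B.
# Components are compared as integers, so 1.9 < 1.12 < 1.13; a string or
# floating-point comparison would order these wrongly.
version_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$a" = "$x" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$y" ]; then b=""; else b=${b#*.}; fi
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1   # equal versions are not "older"
}

# parse_version LINE: print the dotted version from a banner line
# (assumed format: "potrace 1.12. Copyright ...").
parse_version() {
    printf '%s\n' "$1" | sed -n 's/^potrace \([0-9][0-9.]*[0-9]\).*/\1/p'
}

# classify LINE: print "affected V", "not affected V" or "unknown".
classify() {
    v=$(parse_version "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_lt "$v" "$FIXED"; then
        echo "affected $v"
    else
        echo "not affected $v"
    fi
}

# Report on the locally installed binary, if there is one.
if command -v potrace >/dev/null 2>&1; then
    classify "$(potrace --version 2>/dev/null | head -n 1)"
fi
```

Distribution packages may carry a backported fix under an older upstream version number, so an "affected" result should be confirmed against the vendor's changelog.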
