Heap-based buffer overflow in ImageWorsener - CVE-2017-8325
Published: June 6, 2017 / Updated: June 8, 2017
Vulnerability identifier: #VU6929
CSH Severity: Low
CVSS v4.0:
CVE-ID: CVE-2017-8325
CWE-ID: CWE-122
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Jason Summer
Affected software:
ImageWorsener
ImageWorsener
Detailed vulnerability description
The iw_process_cols_to_intermediate function in imagew-main.c in
libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers
to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted image.
How to mitigate CVE-2017-8325
Update to version 1.3.1.