A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.00095
Percentile:
0.27515
CVSS Scoring
CVSS v3.1 Score: 5.5
Severity: MEDIUM
Mapped CWE(s)
-
CWE-125
: Out-of-bounds Read
All CAPEC(s)
-
CAPEC-540: Overread Buffers
CAPEC(s) with Mapped TTPs
Mapped ATT&CK TTPs
Affected Products
- cpe:2.3:a:htmldoc_project:htmldoc:*:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
← Back to Home