Base Score

HIGH7.3

CVE-2022-32323

AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

VectorLOCAL

Published Bycve@mitre.org

Published DateJul 14, 2022, 21:15

Weakness Type (CWE):CWE-787

CVSS Metrics

Base Score

7.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

LOW

References

https://github.com/autotrace/autotrace/commit/2b44c173027736c64b3f379bd154c41bab745423
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CZVCQH4L7KC5GXLU6SCESXR5TGSKQ2H/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKZPC4WCDOJ7BPJOMZ46AV27RCABZRYA/

Base Score

HIGH7.3

Weakness Type (CWE):CWE-787

CVSS Metrics

Base Score

7.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

LOW