Heap-based Buffer Overflow in Sagelight 4.4 and Earlier via Crafted BMP File

Heap-based Buffer Overflow in Sagelight 4.4 and Earlier via Crafted BMP File

CVE-2013-3480 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Integer overflow in Sagelight 4.4 and earlier allows remote attackers to execute arbitrary code via crafted width and height dimensions in a BMP file, which triggers a heap-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.