Integer Overflow and NULL Pointer Dereference in libbpg's image_alloc function


CVE-2017-13136 · MEDIUM Severity

CVSS v2 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
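The bug class described above (overflowed size, bad `malloc`, unchecked result) and a hardened allocation pattern, as an added example that is not libbpg's code. `DemoImage`, `demo_image_alloc`, `wrapped_size32`, `mul_size` and the 1 GiB cap are hypothetical names and values, and the 32-bit wrap shown is an assumption used for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

#define DEMO_MAX_BYTES ((size_t)1 << 30) /* assumed policy cap: 1 GiB per image */

/* Hypothetical image type for this example; not libbpg's structure. */
typedef struct { int w, h; size_t stride; uint8_t *data; } DemoImage;

/* What an unchecked 32-bit w*h*bps computes: the product wraps modulo 2^32,
 * so huge dimensions can yield a tiny (or zero) allocation size. */
uint32_t wrapped_size32(int w, int h, int bps)
{
    return (uint32_t)w * (uint32_t)h * (uint32_t)bps;
}

/* Store a*b in *out; return -1 if the product does not fit in size_t. */
static int mul_size(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a)
        return -1;
    *out = a * b;
    return 0;
}

/* Hardened allocator: rejects non-positive dimensions, computes the buffer
 * size with overflow checks, enforces a cap, and checks every allocation
 * before use. Returns NULL on any failure, so callers must test the result. */
DemoImage *demo_image_alloc(int w, int h, int bps)
{
    size_t stride, size;
    DemoImage *img;

    if (w <= 0 || h <= 0 || bps <= 0)
        return NULL;
    if (mul_size((size_t)w, (size_t)bps, &stride) != 0 ||
        mul_size(stride, (size_t)h, &size) != 0 || size > DEMO_MAX_BYTES)
        return NULL;
    img = malloc(sizeof(*img));
    if (img == NULL)
        return NULL;
    img->data = calloc(1, size); /* zeroed pixel buffer */
    if (img->data == NULL) {
        free(img);
        return NULL;
    }
    img->w = w; img->h = h; img->stride = stride;
    return img;
}
```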
