Integer Overflow and Heap-Based Buffer Overflow in sam2p 0.49.4's ReadImage Function

Integer Overflow and Heap-Based Buffer Overflow in sam2p 0.49.4's ReadImage Function

CVE-2017-16663 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.

Learn more about our Web Application Penetration Testing UK.