An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 colors" case, aka case 4.
References
Link | Resource |
---|---|
https://github.com/dtschump/CImg/issues/185 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/09/msg00030.html | |
https://lists.debian.org/debian-lts-announce/2020/10/msg00033.html |
Configurations
Information
Published : 2018-03-02 06:29
Updated : 2020-11-02 13:15
NVD link : CVE-2018-7637
Mitre link : CVE-2018-7637
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
cimg
- cimg