ID CVE-2019-3574
Description In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.
CVSS
  • Score: 6.8
  • Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
CWE-ID CWE-119
Last Modified Jan. 10, 2019
Available Solutions No solutions were found

CPE-ID

Application Name/CPE-IDVendorProductVersionList of Vulnerabilities
Libsixel_project Libsixel 1.8.2 libsixel project libsixel 1.8.2 8 Vulnerabilties for Libsixel_project Libsixel 1.8.2
Similar vulnerabilities

Pre-Condition

<set operator="and">
    <prop key="application" value="cpe:/a:libsixel_project:libsixel:1.8.2"/>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

								

Post-Condition

<set operator="and">
    <prop key="target" value="host"/>
  <set operator="or">
      <prop key="program_influence" value="input"/>
      <prop key="program_influence" value="output"/>
      <prop key="program_influence" value="existence"/>
  </set>
    <prop key="data" value="any"/>
  <set operator="or">
      <prop key="data_influence" value="read"/>
      <prop key="data_influence" value="write"/>
      <prop key="data_influence" value="delete"/>
  </set>
  <set operator="or">
      <prop key="range" value="remote"/>
      <prop key="range" value="local"/>
  </set>
</set>