AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact (CVE-2019-19005)

  - autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c (CVE-2022-32323)

  - Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace     0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image     file. (CVE-2016-7392)

  - A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an     unexpected input value to malloc via a malformed bitmap image. (CVE-2019-19004)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact (CVE-2019-19005)

  - autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c (CVE-2022-32323)

  - A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an     unexpected input value to malloc via a malformed bitmap image. (CVE-2019-19004)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3067 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:3067 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3067 advisory.

  - autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-2589 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2589 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2589 advisory.

  - autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-144 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10197-1 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10199-1 advisory.

  - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
    (CVE-2022-32323)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
195435	RHEL 6 : autotrace (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
195412	RHEL 7 : autotrace (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
176189	AlmaLinux 8 : autotrace (ALSA-2023:3067)	Nessus	Alma Linux Local Security Checks	high
175885	CentOS 8 : autotrace (CESA-2023:3067)	Nessus	CentOS Local Security Checks	high
175851	RHEL 8 : autotrace (RHSA-2023:3067)	Nessus	Red Hat Local Security Checks	high
175725	Oracle Linux 9 : autotrace (ELSA-2023-2589)	Nessus	Oracle Linux Local Security Checks	high
175605	AlmaLinux 9 : autotrace (ALSA-2023:2589)	Nessus	Alma Linux Local Security Checks	high
175481	RHEL 9 : autotrace (RHSA-2023:2589)	Nessus	Red Hat Local Security Checks	high
173334	Amazon Linux 2023 : autotrace, autotrace-devel (ALAS2023-2023-144)	Nessus	Amazon Linux Local Security Checks	high
167348	openSUSE 15 Security Update : autotrace (openSUSE-SU-2022:10197-1)	Nessus	SuSE Local Security Checks	high
167338	openSUSE 15 Security Update : autotrace (openSUSE-SU-2022:10199-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2022-32323

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high