CVE-2017-9203

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-9203
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9203.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-9203
Published
2017-05-23T04:29:04Z
Modified
2025-10-21T04:23:01.616394Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c.

References

Affected packages

Git / github.com/jsummers/imageworsener

Affected ranges

Type
GIT
Repo
https://github.com/jsummers/imageworsener
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a4f247707f08e322f0b41e82c3e06e224240a654

Affected versions

0.*

0.9.0
0.9.1
0.9.10
0.9.2
0.9.3
0.9.4
0.9.5
0.9.6
0.9.8
0.9.9

1.*

1.0.0
1.1.0
1.2.0
1.3.0
1.3.1

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/jsummers/imageworsener/commit/a4f247707f08e322f0b41e82c3e06e224240a654",
        "target": {
            "file": "src/imagew-main.c"
        },
        "deprecated": false,
        "id": "CVE-2017-9203-002553e4",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "218500869775463155864433237659639867207",
                "193167762036235343022760774489131609405",
                "333578339167930049731046115447589874644",
                "91776523121031592340106112871251997524",
                "289388291240302532879899858142364108663",
                "174182290315879414743709116524846041842",
                "27986189553614977977455481140174776694",
                "3323958158227007696071109055872875816",
                "286143772997735978190989022114885017400",
                "241017638633500249094261730053194258521",
                "298057093936260266230715865699306860499",
                "243935821140756539045823118560951786214"
            ]
        }
    },
    {
        "source": "https://github.com/jsummers/imageworsener/commit/a4f247707f08e322f0b41e82c3e06e224240a654",
        "target": {
            "function": "bmpr_read_rle",
            "file": "src/imagew-bmp.c"
        },
        "deprecated": false,
        "id": "CVE-2017-9203-228a3712",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 822.0,
            "function_hash": "20539719386797494308739964418166439994"
        }
    },
    {
        "source": "https://github.com/jsummers/imageworsener/commit/a4f247707f08e322f0b41e82c3e06e224240a654",
        "target": {
            "file": "src/imagew-bmp.c"
        },
        "deprecated": false,
        "id": "CVE-2017-9203-c8cb6aeb",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "117203958320488520911819161884144592386",
                "318800385161155127171724650122834101039",
                "334777873059265650328874176965897776854",
                "276076985501961703135434370616361126775",
                "156644455302811225219272981957818338012",
                "168059885875392924354706682788258305632",
                "266217394525127986351806203274505126008"
            ]
        }
    },
    {
        "source": "https://github.com/jsummers/imageworsener/commit/a4f247707f08e322f0b41e82c3e06e224240a654",
        "target": {
            "function": "iw_process_rows_intermediate_to_final",
            "file": "src/imagew-main.c"
        },
        "deprecated": false,
        "id": "CVE-2017-9203-f7fe2c10",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 4162.0,
            "function_hash": "32764372364982641320311033018907461660"
        }
    }
]