Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-07-19
Updated
2008-09-05
An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the sanei_configure_attach() function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
3 vulnerabilities found