| Description: | Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. It was discovered that Leptonica incorrectly handled input arguments. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
|