CVE-2017-9164: autotrace: Multiple security issues

Severity: Critical

CVSS Score: 9.8

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.