CVE-2017-9166: autotrace: Multiple security issues

Severity: Critical

CVSS Score: 9.8

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.