libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) CVE-2015-7507CVE-2015-7508