Search criteria
37 vulnerabilities found for netpbm by netpbm
CVE-2017-2587 (GCVE-0-2017-2587)
Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96702"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96702"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96702"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2587",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2580 (GCVE-0-2017-2580)
Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Severity ?
4.5 (Medium)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96712"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T14:06:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96712"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96712"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2580",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2581 (GCVE-0-2017-2581)
Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Severity ?
4.5 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2581",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2586 (GCVE-0-2017-2586)
Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96708"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2586",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2579 (GCVE-0-2017-2579)
Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T14:06:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2579",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4274 (GCVE-0-2009-4274)
Vulnerability from cvelistv5 – Published: 2010-02-12 21:00 – Updated: 2024-08-07 06:54
VLAI?
Summary
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2011:1811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"name": "ADV-2010-0358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"name": "38530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38530"
},
{
"name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"name": "ADV-2010-0780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"name": "netpbm-xpm-bo(56207)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "DSA-2026",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "38164",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38164"
},
{
"name": "MDVSA-2010:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2011:1811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"name": "ADV-2010-0358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"name": "38530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38530"
},
{
"name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"name": "ADV-2010-0780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"name": "netpbm-xpm-bo(56207)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "DSA-2026",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "38164",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38164"
},
{
"name": "MDVSA-2010:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-4274",
"datePublished": "2010-02-12T21:00:00",
"dateReserved": "2009-12-10T00:00:00",
"dateUpdated": "2024-08-07T06:54:10.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4799 (GCVE-0-2008-4799)
Vulnerability from cvelistv5 – Published: 2008-10-30 22:00 – Updated: 2024-08-07 10:31
VLAI?
Summary
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:31:27.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY",
"refsource": "CONFIRM",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4799",
"datePublished": "2008-10-30T22:00:00",
"dateReserved": "2008-10-30T00:00:00",
"dateUpdated": "2024-08-07T10:31:27.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0554 (GCVE-0-2008-0554)
Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:46
VLAI?
Summary
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"name": "27682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27682"
},
{
"name": "RHSA-2008:0131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"name": "oval:org.mitre.oval:def:10975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"name": "29079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29079"
},
{
"name": "MDVSA-2008:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"name": "1019358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019358"
},
{
"name": "32607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32607"
},
{
"name": "30280",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30280"
},
{
"name": "ADV-2008-0460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"name": "DSA-1579",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"name": "27682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27682"
},
{
"name": "RHSA-2008:0131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"name": "oval:org.mitre.oval:def:10975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"name": "29079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29079"
},
{
"name": "MDVSA-2008:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"name": "1019358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019358"
},
{
"name": "32607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32607"
},
{
"name": "30280",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30280"
},
{
"name": "ADV-2008-0460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"name": "DSA-1579",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.rpath.com/browse/RPL-2216"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-0554",
"datePublished": "2008-02-08T01:00:00",
"dateReserved": "2008-02-01T00:00:00",
"dateUpdated": "2024-08-07T07:46:54.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3145 (GCVE-0-2006-3145)
Vulnerability from cvelistv5 – Published: 2006-06-22 22:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:06.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18525"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18525"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20775"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=425770",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18525"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3145",
"datePublished": "2006-06-22T22:00:00",
"dateReserved": "2006-06-22T00:00:00",
"dateUpdated": "2024-08-07T18:16:06.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3632 (GCVE-0-2005-3632)
Vulnerability from cvelistv5 – Published: 2005-11-21 22:00 – Updated: 2024-08-07 23:17
VLAI?
Summary
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"name": "RHSA-2005:843",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"name": "17544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17544"
},
{
"name": "15514",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15514"
},
{
"name": "oval:org.mitre.oval:def:11165",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"name": "ADV-2005-2418",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"name": "MDKSA-2005:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"name": "17679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17679"
},
{
"name": "17828",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17828"
},
{
"name": "18186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18186"
},
{
"name": "17671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17671"
},
{
"name": "USN-218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/218-1/"
},
{
"name": "DSA-904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SR:2005:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"name": "RHSA-2005:843",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"name": "17544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17544"
},
{
"name": "15514",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15514"
},
{
"name": "oval:org.mitre.oval:def:11165",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"name": "ADV-2005-2418",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"name": "MDKSA-2005:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"name": "17679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17679"
},
{
"name": "17828",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17828"
},
{
"name": "18186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18186"
},
{
"name": "17671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17671"
},
{
"name": "USN-218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/218-1/"
},
{
"name": "DSA-904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-904"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3632",
"datePublished": "2005-11-21T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2978 (GCVE-0-2005-2978)
Vulnerability from cvelistv5 – Published: 2005-10-18 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-210-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/210-1/"
},
{
"name": "1015071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015071"
},
{
"name": "ADV-2005-2133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name": "17282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17282"
},
{
"name": "DSA-878",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"name": "17221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17221"
},
{
"name": "17357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17357"
},
{
"name": "RHSA-2005:793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name": "17256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17256"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name": "17265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17265"
},
{
"name": "17222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17222"
},
{
"name": "SUSE-SR:2005:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name": "GLSA-200510-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name": "15128",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15128"
},
{
"name": "oval:org.mitre.oval:def:10135",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-210-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/210-1/"
},
{
"name": "1015071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015071"
},
{
"name": "ADV-2005-2133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name": "17282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17282"
},
{
"name": "DSA-878",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"name": "17221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17221"
},
{
"name": "17357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17357"
},
{
"name": "RHSA-2005:793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name": "17256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17256"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name": "17265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17265"
},
{
"name": "17222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17222"
},
{
"name": "SUSE-SR:2005:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name": "GLSA-200510-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name": "15128",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15128"
},
{
"name": "oval:org.mitre.oval:def:10135",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2978",
"datePublished": "2005-10-18T04:00:00",
"dateReserved": "2005-09-19T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2471 (GCVE-0-2005-2471)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:00.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netpbm-dsafer-command-execution(21500)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21500"
},
{
"name": "14379",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14379"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645"
},
{
"name": "2005-0038",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0038/"
},
{
"name": "DSA-1021",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1021"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757"
},
{
"name": "18330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18330"
},
{
"name": "1014752",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014752"
},
{
"name": "19436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19436"
},
{
"name": "16184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16184"
},
{
"name": "RHSA-2005:743",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-743.html"
},
{
"name": "18253",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pstopnm in netpbm does not properly use the \"-dSAFER\" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netpbm-dsafer-command-execution(21500)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21500"
},
{
"name": "14379",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14379"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645"
},
{
"name": "2005-0038",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0038/"
},
{
"name": "DSA-1021",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1021"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757"
},
{
"name": "18330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18330"
},
{
"name": "1014752",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014752"
},
{
"name": "19436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19436"
},
{
"name": "16184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16184"
},
{
"name": "RHSA-2005:743",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-743.html"
},
{
"name": "18253",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18253"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2471",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pstopnm in netpbm does not properly use the \"-dSAFER\" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netpbm-dsafer-command-execution(21500)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21500"
},
{
"name": "14379",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14379"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11645",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645"
},
{
"name": "2005-0038",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0038/"
},
{
"name": "DSA-1021",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1021"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757"
},
{
"name": "18330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18330"
},
{
"name": "1014752",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014752"
},
{
"name": "19436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19436"
},
{
"name": "16184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16184"
},
{
"name": "RHSA-2005:743",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-743.html"
},
{
"name": "18253",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18253"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2471",
"datePublished": "2005-08-05T04:00:00",
"dateReserved": "2005-08-05T00:00:00",
"dateUpdated": "2024-08-07T22:30:00.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2587 (GCVE-0-2017-2587)
Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96702"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96702"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96702"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2587",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2580 (GCVE-0-2017-2580)
Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Severity ?
4.5 (Medium)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96712"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T14:06:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96712"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96712"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580"
},
{
"name": "openSUSE-SU-2019:1605",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2580",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2581 (GCVE-0-2017-2581)
Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Severity ?
4.5 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2581"
},
{
"name": "96710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2581",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2586 (GCVE-0-2017-2586)
Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96708"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2586"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2586",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2579 (GCVE-0-2017-2579)
Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 13:55
VLAI?
Summary
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:06.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netpbm",
"vendor": "Netpbm",
"versions": [
{
"status": "affected",
"version": "10.61"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T14:06:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netpbm",
"version": {
"version_data": [
{
"version_value": "10.61"
}
]
}
}
]
},
"vendor_name": "Netpbm"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579"
},
{
"name": "96714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96714"
},
{
"name": "openSUSE-SU-2019:1605",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2579",
"datePublished": "2018-07-27T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:55:06.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4274 (GCVE-0-2009-4274)
Vulnerability from nvd – Published: 2010-02-12 21:00 – Updated: 2024-08-07 06:54
VLAI?
Summary
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2011:1811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"name": "ADV-2010-0358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"name": "38530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38530"
},
{
"name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"name": "ADV-2010-0780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"name": "netpbm-xpm-bo(56207)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "DSA-2026",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "38164",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38164"
},
{
"name": "MDVSA-2010:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2011:1811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"name": "ADV-2010-0358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"name": "38530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38530"
},
{
"name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"name": "ADV-2010-0780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"name": "netpbm-xpm-bo(56207)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "DSA-2026",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "38164",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38164"
},
{
"name": "MDVSA-2010:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-4274",
"datePublished": "2010-02-12T21:00:00",
"dateReserved": "2009-12-10T00:00:00",
"dateUpdated": "2024-08-07T06:54:10.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4799 (GCVE-0-2008-4799)
Vulnerability from nvd – Published: 2008-10-30 22:00 – Updated: 2024-08-07 10:31
VLAI?
Summary
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:31:27.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31871"
},
{
"name": "[oss-security] 20081023 Re: CVE Request (netpbm)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY",
"refsource": "CONFIRM",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"name": "FEDORA-2008-6999",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"name": "[oss-security] 20081022 CVE Request (netpbm)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"name": "FEDORA-2008-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"name": "netpbm-pamperspective-pngtopnm-bo(46054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4799",
"datePublished": "2008-10-30T22:00:00",
"dateReserved": "2008-10-30T00:00:00",
"dateUpdated": "2024-08-07T10:31:27.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0554 (GCVE-0-2008-0554)
Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:46
VLAI?
Summary
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"name": "27682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27682"
},
{
"name": "RHSA-2008:0131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"name": "oval:org.mitre.oval:def:10975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"name": "29079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29079"
},
{
"name": "MDVSA-2008:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"name": "1019358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019358"
},
{
"name": "32607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32607"
},
{
"name": "30280",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30280"
},
{
"name": "ADV-2008-0460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"name": "DSA-1579",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-665-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"name": "27682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27682"
},
{
"name": "RHSA-2008:0131",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"name": "oval:org.mitre.oval:def:10975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"name": "29079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29079"
},
{
"name": "MDVSA-2008:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"name": "1019358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019358"
},
{
"name": "32607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32607"
},
{
"name": "30280",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30280"
},
{
"name": "ADV-2008-0460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"name": "DSA-1579",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.rpath.com/browse/RPL-2216"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-0554",
"datePublished": "2008-02-08T01:00:00",
"dateReserved": "2008-02-01T00:00:00",
"dateUpdated": "2024-08-07T07:46:54.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3145 (GCVE-0-2006-3145)
Vulnerability from nvd – Published: 2006-06-22 22:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:06.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18525"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18525"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name": "20775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20775"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=425770",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name": "2006-0037",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name": "20729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20729"
},
{
"name": "18525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18525"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3145",
"datePublished": "2006-06-22T22:00:00",
"dateReserved": "2006-06-22T00:00:00",
"dateUpdated": "2024-08-07T18:16:06.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3632 (GCVE-0-2005-3632)
Vulnerability from nvd – Published: 2005-11-21 22:00 – Updated: 2024-08-07 23:17
VLAI?
Summary
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"name": "RHSA-2005:843",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"name": "17544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17544"
},
{
"name": "15514",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15514"
},
{
"name": "oval:org.mitre.oval:def:11165",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"name": "ADV-2005-2418",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"name": "MDKSA-2005:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"name": "17679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17679"
},
{
"name": "17828",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17828"
},
{
"name": "18186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18186"
},
{
"name": "17671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17671"
},
{
"name": "USN-218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/218-1/"
},
{
"name": "DSA-904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SR:2005:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"name": "RHSA-2005:843",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"name": "17544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17544"
},
{
"name": "15514",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15514"
},
{
"name": "oval:org.mitre.oval:def:11165",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"name": "ADV-2005-2418",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"name": "MDKSA-2005:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"name": "17679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17679"
},
{
"name": "17828",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17828"
},
{
"name": "18186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18186"
},
{
"name": "17671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17671"
},
{
"name": "USN-218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/218-1/"
},
{
"name": "DSA-904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-904"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3632",
"datePublished": "2005-11-21T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2978 (GCVE-0-2005-2978)
Vulnerability from nvd – Published: 2005-10-18 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-210-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/210-1/"
},
{
"name": "1015071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015071"
},
{
"name": "ADV-2005-2133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name": "17282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17282"
},
{
"name": "DSA-878",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"name": "17221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17221"
},
{
"name": "17357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17357"
},
{
"name": "RHSA-2005:793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name": "17256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17256"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name": "17265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17265"
},
{
"name": "17222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17222"
},
{
"name": "SUSE-SR:2005:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name": "GLSA-200510-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name": "15128",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15128"
},
{
"name": "oval:org.mitre.oval:def:10135",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-210-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/210-1/"
},
{
"name": "1015071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015071"
},
{
"name": "ADV-2005-2133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name": "17282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17282"
},
{
"name": "DSA-878",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"name": "17221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17221"
},
{
"name": "17357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17357"
},
{
"name": "RHSA-2005:793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name": "17256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17256"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name": "17265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17265"
},
{
"name": "17222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17222"
},
{
"name": "SUSE-SR:2005:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name": "GLSA-200510-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name": "15128",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15128"
},
{
"name": "oval:org.mitre.oval:def:10135",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2978",
"datePublished": "2005-10-18T04:00:00",
"dateReserved": "2005-09-19T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2009-4274
Vulnerability from fkie_nvd - Published: 2010-02-12 21:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html | ||
| secalert@redhat.com | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076 | ||
| secalert@redhat.com | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup | ||
| secalert@redhat.com | http://secunia.com/advisories/38530 | ||
| secalert@redhat.com | http://secunia.com/advisories/38915 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2026 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:039 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/02/09/11 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1811.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/38164 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/0358 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/0780 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=546580 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/56207 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38530 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38915 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2026 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/02/09/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1811.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/38164 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0358 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0780 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=546580 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/56207 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netpbm | netpbm | 10.0 | |
| netpbm | netpbm | 10.1 | |
| netpbm | netpbm | 10.2 | |
| netpbm | netpbm | 10.3 | |
| netpbm | netpbm | 10.4 | |
| netpbm | netpbm | 10.5 | |
| netpbm | netpbm | 10.6 | |
| netpbm | netpbm | 10.7 | |
| netpbm | netpbm | 10.8 | |
| netpbm | netpbm | 10.9 | |
| netpbm | netpbm | 10.10 | |
| netpbm | netpbm | 10.11 | |
| netpbm | netpbm | 10.12 | |
| netpbm | netpbm | 10.13 | |
| netpbm | netpbm | 10.14 | |
| netpbm | netpbm | 10.15 | |
| netpbm | netpbm | 10.16 | |
| netpbm | netpbm | 10.17 | |
| netpbm | netpbm | 10.18 | |
| netpbm | netpbm | 10.19 | |
| netpbm | netpbm | 10.20 | |
| netpbm | netpbm | 10.21 | |
| netpbm | netpbm | 10.22 | |
| netpbm | netpbm | 10.23 | |
| netpbm | netpbm | 10.24 | |
| netpbm | netpbm | 10.25 | |
| netpbm | netpbm | 10.26 | |
| netpbm | netpbm | 10.27 | |
| netpbm | netpbm | 10.28 | |
| netpbm | netpbm | 10.29 | |
| netpbm | netpbm | 10.30 | |
| netpbm | netpbm | 10.31 | |
| netpbm | netpbm | 10.32 | |
| netpbm | netpbm | 10.33 | |
| netpbm | netpbm | 10.34 | |
| netpbm | netpbm | 10.35.00 | |
| netpbm | netpbm | 10.35.01 | |
| netpbm | netpbm | 10.35.02 | |
| netpbm | netpbm | 10.35.03 | |
| netpbm | netpbm | 10.35.04 | |
| netpbm | netpbm | 10.35.05 | |
| netpbm | netpbm | 10.35.06 | |
| netpbm | netpbm | 10.35.07 | |
| netpbm | netpbm | 10.35.08 | |
| netpbm | netpbm | 10.35.09 | |
| netpbm | netpbm | 10.35.10 | |
| netpbm | netpbm | 10.35.11 | |
| netpbm | netpbm | 10.35.12 | |
| netpbm | netpbm | 10.35.13 | |
| netpbm | netpbm | 10.35.14 | |
| netpbm | netpbm | 10.35.15 | |
| netpbm | netpbm | 10.35.16 | |
| netpbm | netpbm | 10.35.17 | |
| netpbm | netpbm | 10.35.18 | |
| netpbm | netpbm | 10.35.19 | |
| netpbm | netpbm | 10.35.20 | |
| netpbm | netpbm | 10.35.21 | |
| netpbm | netpbm | 10.35.22 | |
| netpbm | netpbm | 10.35.23 | |
| netpbm | netpbm | 10.35.24 | |
| netpbm | netpbm | 10.35.25 | |
| netpbm | netpbm | 10.35.26 | |
| netpbm | netpbm | 10.35.27 | |
| netpbm | netpbm | 10.35.28 | |
| netpbm | netpbm | 10.35.29 | |
| netpbm | netpbm | 10.35.30 | |
| netpbm | netpbm | 10.35.31 | |
| netpbm | netpbm | 10.35.32 | |
| netpbm | netpbm | 10.35.33 | |
| netpbm | netpbm | 10.35.34 | |
| netpbm | netpbm | 10.35.35 | |
| netpbm | netpbm | 10.35.36 | |
| netpbm | netpbm | 10.35.37 | |
| netpbm | netpbm | 10.35.38 | |
| netpbm | netpbm | 10.35.39 | |
| netpbm | netpbm | 10.35.40 | |
| netpbm | netpbm | 10.35.41 | |
| netpbm | netpbm | 10.35.42 | |
| netpbm | netpbm | 10.35.43 | |
| netpbm | netpbm | 10.35.44 | |
| netpbm | netpbm | 10.35.45 | |
| netpbm | netpbm | 10.35.46 | |
| netpbm | netpbm | 10.35.47 | |
| netpbm | netpbm | 10.36.00 | |
| netpbm | netpbm | 10.37.00 | |
| netpbm | netpbm | 10.38.00 | |
| netpbm | netpbm | 10.39.00 | |
| netpbm | netpbm | 10.40.00 | |
| netpbm | netpbm | 10.41.00 | |
| netpbm | netpbm | 10.42.00 | |
| netpbm | netpbm | 10.43.00 | |
| netpbm | netpbm | 10.44.00 | |
| netpbm | netpbm | 10.45.00 | |
| netpbm | netpbm | 10.46.00 | |
| netpbm | netpbm | 10.47.00 | |
| netpbm | netpbm | 10.47.01 | |
| netpbm | netpbm | 10.47.02 | |
| netpbm | netpbm | 10.47.03 | |
| netpbm | netpbm | 10.47.04 | |
| netpbm | netpbm | 10.47.05 | |
| netpbm | netpbm | 10.47.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79F02C3-950F-4D47-971A-3C1367F1642C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0344253A-AF59-499B-81DF-5494A34B115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7297482-7D30-484A-8F8D-AFEA2E468725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93BA3D19-C291-468E-9E4E-E8374AE1BD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85CF9240-FAEE-4BA2-8374-8B81F738521A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45457716-9219-4A88-A824-B45FA16643D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "93A0526D-918E-4FAE-90AF-2BA49F9D5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD350ED-1327-483A-BF73-02AB9924EDED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98C11849-BCD4-4982-A779-435669BD668F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C94984E9-22EE-4B24-AFCB-52137A871117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23B10069-89E1-4E63-BCFF-C210CE3C5655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC42B061-EB8E-49B4-B041-42B31672C42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE142A-4F71-4452-8DAD-9D6BA11EBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "179366EE-D637-4345-8759-81D5E12EFFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.14:*:*:*:*:*:*:*",
"matchCriteriaId": "725CFC44-43C8-47FF-9935-FA006B6338FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3A331F93-08C2-4F45-98AD-46DBE38A9785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFB0157-CF91-4FCB-8786-4024595B3EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.17:*:*:*:*:*:*:*",
"matchCriteriaId": "92045C29-20B4-46D0-9643-491BB0642D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.18:*:*:*:*:*:*:*",
"matchCriteriaId": "148A51ED-1A00-45D3-934E-96CA2759F5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.19:*:*:*:*:*:*:*",
"matchCriteriaId": "77BE0692-E688-4438-98C7-FA1FCE05F41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1904CB89-F576-4DFF-9639-9263D0ADE0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.21:*:*:*:*:*:*:*",
"matchCriteriaId": "50D11F39-3B4F-43E4-AC5E-E1B5931BCBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97023E9B-520D-4E6F-BA7F-052BA89BF2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.23:*:*:*:*:*:*:*",
"matchCriteriaId": "93A152B4-8483-4874-88C0-4679831BB60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBAE4A7-B0E1-4E50-8775-CAEF3E49B7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE78BA1-4001-4676-8BCB-FBC081A5D733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FF606C17-AD8A-4D81-AB55-50B0C4B7763F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.27:*:*:*:*:*:*:*",
"matchCriteriaId": "906047FD-1D75-4F97-977D-2A22A1DC87B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA92693-6629-4A8D-9C54-418569C852F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F078E1C6-3FB7-415B-A49A-455BE55148B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9F97984A-04F4-4F69-B03B-D06FD0F21EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.31:*:*:*:*:*:*:*",
"matchCriteriaId": "53FB010A-9B82-41F9-9DDB-4DCC0BFA0365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.32:*:*:*:*:*:*:*",
"matchCriteriaId": "07292430-0952-4E40-9012-1DD5709D2F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.33:*:*:*:*:*:*:*",
"matchCriteriaId": "019C4B30-4F04-4068-80B1-884F9607EC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F74038FE-C361-415B-AC47-744D3792E707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6B8C20-2603-4BC6-A9C5-363E45B86492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.01:*:*:*:*:*:*:*",
"matchCriteriaId": "16998237-B53D-4E6C-B2E7-3C17BE483780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.02:*:*:*:*:*:*:*",
"matchCriteriaId": "4998E602-7E72-4ED9-806F-2DF117827F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A01D9E5-14BD-416D-8363-278FBA991BE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.04:*:*:*:*:*:*:*",
"matchCriteriaId": "59B55BD5-0E1C-4A13-965C-BAFBE480C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.05:*:*:*:*:*:*:*",
"matchCriteriaId": "EC498C66-4E32-4E4B-9BB0-3943CB963BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4F989C-B9AF-4A0D-A39E-A9405E38229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCC7D4D-09B1-4063-9FE8-F88032B91FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.08:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF8AB55-8A95-47CD-960A-E9A920632B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.09:*:*:*:*:*:*:*",
"matchCriteriaId": "FB45C9DA-9503-4F5C-8079-0C47E778EAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1D6ABC-D56F-4484-90D0-45CD3E7B682C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B48121BF-EDA1-4EAD-B24B-7BAF6668D4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9E079966-8423-4638-8A55-BC9F2412D4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE5E653-3B78-4DCE-9FE8-1126FC18D8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D339F6D7-9E9A-46C2-9823-E534F3BEBDC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A829E428-77AA-4B8F-B4E6-BB89F0054F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A6470755-BE74-49FB-B4C7-6869FB33A096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEFA0BB-1542-4A88-BC95-A60AAEF90D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.18:*:*:*:*:*:*:*",
"matchCriteriaId": "090C90E2-D688-44C2-88D7-E40F7D919FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.19:*:*:*:*:*:*:*",
"matchCriteriaId": "675512A2-6E2A-46BA-9237-114B4EA6248F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.20:*:*:*:*:*:*:*",
"matchCriteriaId": "185FF47F-321E-4D26-893D-BB4F4B532670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B402DB46-6103-4428-B6BF-9263D9270EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.22:*:*:*:*:*:*:*",
"matchCriteriaId": "599D4BAC-1266-4A30-A4C5-4BA13EC47F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.23:*:*:*:*:*:*:*",
"matchCriteriaId": "23241E2B-21B9-4C97-B865-5C3652C27401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A40DC0-AE35-4597-8A55-D5022289435E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C12B85A1-5607-4037-A362-0270EF710514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.26:*:*:*:*:*:*:*",
"matchCriteriaId": "03B39A1A-DC18-413E-A869-9D6C7C77BF8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4F62F30D-F8D9-4B47-9CFC-8F54B3F589C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.28:*:*:*:*:*:*:*",
"matchCriteriaId": "89B0ACB2-FE13-4145-8EAE-9D6FB7FEDD60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.29:*:*:*:*:*:*:*",
"matchCriteriaId": "0253F8B8-346C-40F0-9225-4593EAF39861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.30:*:*:*:*:*:*:*",
"matchCriteriaId": "2411D682-BEB2-41E0-B211-4E8EA0E551C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.31:*:*:*:*:*:*:*",
"matchCriteriaId": "97036446-8A06-4AB6-842B-2186A88FBB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.32:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9F56AC-906E-4713-83ED-79A8673F59BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.33:*:*:*:*:*:*:*",
"matchCriteriaId": "A77A17C7-C323-4182-A099-BB3E92BF12D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.34:*:*:*:*:*:*:*",
"matchCriteriaId": "82DB51EA-A050-417A-8603-97BD33ACB9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.35:*:*:*:*:*:*:*",
"matchCriteriaId": "48468D84-76E9-476D-8470-3950C8281118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.36:*:*:*:*:*:*:*",
"matchCriteriaId": "7472AD57-68B3-43BE-95D4-F21D39708A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.37:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA0C21F-DB95-43D9-B7B2-B076043828E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.38:*:*:*:*:*:*:*",
"matchCriteriaId": "3658F6EA-E897-4A24-AD82-F3EBD4567D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F887C654-43D9-4374-88D8-DCA800B7F449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.40:*:*:*:*:*:*:*",
"matchCriteriaId": "34001491-58AD-4F6C-9159-C27671EA1574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.41:*:*:*:*:*:*:*",
"matchCriteriaId": "347D3197-1915-4417-B72D-0C23BEFBAA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.42:*:*:*:*:*:*:*",
"matchCriteriaId": "0256E7B3-E119-41A4-B49D-4C08D364C22C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA3DD4D-28E0-4266-9024-A4DFF832512E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.44:*:*:*:*:*:*:*",
"matchCriteriaId": "02FAFCFB-0D3F-4906-ADCE-BF7F06167692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.45:*:*:*:*:*:*:*",
"matchCriteriaId": "EB184F25-C4ED-4655-B79D-6B00E22F9097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.46:*:*:*:*:*:*:*",
"matchCriteriaId": "43FC34D4-576B-46D6-B13C-EE17C0A5AAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.47:*:*:*:*:*:*:*",
"matchCriteriaId": "0618AF8A-0927-45CC-8BF5-93B1083B8147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.36.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A715086-7459-4E99-8936-49F77323D17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.37.00:*:*:*:*:*:*:*",
"matchCriteriaId": "979690E7-827E-4131-A3CD-235340A2FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.38.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AD21B69B-5500-4130-9603-F46998AC7D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.39.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0E222667-1825-4377-AD6E-5C88979CD5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.40.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA2DCC3-007C-4EA4-BD2B-18C776D3CBAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.41.00:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A9A4DD-FCE5-4585-97A5-F91120F9F2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.42.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8E6AAC-2DFD-4E6F-BAFA-FC002E7FBF78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9C739F6A-7DA4-4069-827D-B78DA08E4C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.44.00:*:*:*:*:*:*:*",
"matchCriteriaId": "04BE3C40-8066-4C41-A566-F89236D5F112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.45.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A66AB52D-ECF8-4D0E-906F-7FA1AC41CD84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.46.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C11B4771-81FF-4FA4-AB56-0BD51AFF10D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.00:*:*:*:*:*:*:*",
"matchCriteriaId": "B15E831F-F5FB-487F-9359-A7188C2206BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.01:*:*:*:*:*:*:*",
"matchCriteriaId": "756FB7A1-2FD3-40A6-B992-5D5FF0E6A736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.02:*:*:*:*:*:*:*",
"matchCriteriaId": "51CEA68F-46F0-4795-9839-D961FC1A394F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6F7C0A-FF13-4C64-B9D3-5E71FCF87813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.04:*:*:*:*:*:*:*",
"matchCriteriaId": "B20DFC28-0489-404A-8783-DCA6157EACCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.05:*:*:*:*:*:*:*",
"matchCriteriaId": "533419D8-A51D-4C51-A898-7E9068722FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.47.06:*:*:*:*:*:*:*",
"matchCriteriaId": "E141EBC6-830D-4ADD-8D03-DB528FF3E117",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en converter/ppm/xpmtoppm.c en netpbm anterior a v10.47.07, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio(ca\u00edda de aplicaci\u00f3n) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo de imagen XPM que contiene un campo de cabecera (header) manipulado asociado con un valor alto del \u00edndice de color."
}
],
"id": "CVE-2009-4274",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-12T21:30:00.533",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"source": "secalert@redhat.com",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38530"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38915"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/38164"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4274\n\nThe Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
"lastModified": "2010-02-17T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-4799
Vulnerability from fkie_nvd - Published: 2008-10-31 00:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/10/22/7 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/10/23/2 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31871 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/46054 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/10/22/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/10/23/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31871 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/46054 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netpbm | netpbm | * | |
| netpbm | netpbm | 8.1 | |
| netpbm | netpbm | 8.2 | |
| netpbm | netpbm | 8.3 | |
| netpbm | netpbm | 8.4 | |
| netpbm | netpbm | 9.0 | |
| netpbm | netpbm | 9.1 | |
| netpbm | netpbm | 9.2 | |
| netpbm | netpbm | 9.3 | |
| netpbm | netpbm | 9.4 | |
| netpbm | netpbm | 9.5 | |
| netpbm | netpbm | 9.6 | |
| netpbm | netpbm | 9.7 | |
| netpbm | netpbm | 9.8 | |
| netpbm | netpbm | 9.9 | |
| netpbm | netpbm | 9.10 | |
| netpbm | netpbm | 9.11 | |
| netpbm | netpbm | 9.12 | |
| netpbm | netpbm | 9.13 | |
| netpbm | netpbm | 9.14 | |
| netpbm | netpbm | 9.15 | |
| netpbm | netpbm | 9.16 | |
| netpbm | netpbm | 9.17 | |
| netpbm | netpbm | 9.18 | |
| netpbm | netpbm | 9.19 | |
| netpbm | netpbm | 9.20 | |
| netpbm | netpbm | 9.21 | |
| netpbm | netpbm | 9.22 | |
| netpbm | netpbm | 9.23 | |
| netpbm | netpbm | 9.24 | |
| netpbm | netpbm | 9.25 | |
| netpbm | netpbm | 10.0 | |
| netpbm | netpbm | 10.1 | |
| netpbm | netpbm | 10.2 | |
| netpbm | netpbm | 10.3 | |
| netpbm | netpbm | 10.4 | |
| netpbm | netpbm | 10.5 | |
| netpbm | netpbm | 10.6 | |
| netpbm | netpbm | 10.7 | |
| netpbm | netpbm | 10.8 | |
| netpbm | netpbm | 10.9 | |
| netpbm | netpbm | 10.10 | |
| netpbm | netpbm | 10.12 | |
| netpbm | netpbm | 10.13 | |
| netpbm | netpbm | 10.14 | |
| netpbm | netpbm | 10.15 | |
| netpbm | netpbm | 10.16 | |
| netpbm | netpbm | 10.17 | |
| netpbm | netpbm | 10.18 | |
| netpbm | netpbm | 10.19 | |
| netpbm | netpbm | 10.20 | |
| netpbm | netpbm | 10.21 | |
| netpbm | netpbm | 10.22 | |
| netpbm | netpbm | 10.23 | |
| netpbm | netpbm | 10.24 | |
| netpbm | netpbm | 10.25 | |
| netpbm | netpbm | 10.26 | |
| netpbm | netpbm | 10.27 | |
| netpbm | netpbm | 10.28 | |
| netpbm | netpbm | 10.29 | |
| netpbm | netpbm | 10.30 | |
| netpbm | netpbm | 10.31 | |
| netpbm | netpbm | 10.32 | |
| netpbm | netpbm | 10.33 | |
| netpbm | netpbm | 10.34 | |
| netpbm | netpbm | 10.35.00 | |
| netpbm | netpbm | 10.35.01 | |
| netpbm | netpbm | 10.35.02 | |
| netpbm | netpbm | 10.35.03 | |
| netpbm | netpbm | 10.35.04 | |
| netpbm | netpbm | 10.35.05 | |
| netpbm | netpbm | 10.35.06 | |
| netpbm | netpbm | 10.35.07 | |
| netpbm | netpbm | 10.35.08 | |
| netpbm | netpbm | 10.35.09 | |
| netpbm | netpbm | 10.35.10 | |
| netpbm | netpbm | 10.35.11 | |
| netpbm | netpbm | 10.35.12 | |
| netpbm | netpbm | 10.35.13 | |
| netpbm | netpbm | 10.35.14 | |
| netpbm | netpbm | 10.35.15 | |
| netpbm | netpbm | 10.35.16 | |
| netpbm | netpbm | 10.35.17 | |
| netpbm | netpbm | 10.35.18 | |
| netpbm | netpbm | 10.35.19 | |
| netpbm | netpbm | 10.35.20 | |
| netpbm | netpbm | 10.35.21 | |
| netpbm | netpbm | 10.35.22 | |
| netpbm | netpbm | 10.35.23 | |
| netpbm | netpbm | 10.35.24 | |
| netpbm | netpbm | 10.35.25 | |
| netpbm | netpbm | 10.35.26 | |
| netpbm | netpbm | 10.35.27 | |
| netpbm | netpbm | 10.35.28 | |
| netpbm | netpbm | 10.35.29 | |
| netpbm | netpbm | 10.35.30 | |
| netpbm | netpbm | 10.35.31 | |
| netpbm | netpbm | 10.35.32 | |
| netpbm | netpbm | 10.35.33 | |
| netpbm | netpbm | 10.35.34 | |
| netpbm | netpbm | 10.35.35 | |
| netpbm | netpbm | 10.35.36 | |
| netpbm | netpbm | 10.35.37 | |
| netpbm | netpbm | 10.35.38 | |
| netpbm | netpbm | 10.35.39 | |
| netpbm | netpbm | 10.35.40 | |
| netpbm | netpbm | 10.35.41 | |
| netpbm | netpbm | 10.35.42 | |
| netpbm | netpbm | 10.35.43 | |
| netpbm | netpbm | 10.35.44 | |
| netpbm | netpbm | 10.35.45 | |
| netpbm | netpbm | 10.35.46 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82963CDA-0BC3-4B7C-A4E8-4DE594791817",
"versionEndIncluding": "10.35.47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0FA58E-ED6E-428A-919B-385CADF04C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E377CD47-B4F8-49B0-B894-C7D0D9428897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C517BF8-DA92-4700-BEBE-EE07E86E4E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D633B098-9979-4D81-9122-A1A23B31C4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF35F07-D445-42C4-BB9B-261A20FF4BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58D13E0B-00CB-483D-8443-A400E62218DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9661931F-2DCF-41CE-952C-BE4AC2C9FBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "12F335C6-5A79-4550-8A7B-6913F5391FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35005AEB-02F1-46D7-8C15-C3F1D728B14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CC050899-40B9-41BE-B69D-97F3C40E9109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4940BA3B-51B3-42E8-AD3B-35920EEE1868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "16A77FB0-4E73-4E7D-8500-2E83931ADD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3D46BFA3-70FB-4841-A2E5-AF8C066020CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB0710E-96B4-4533-89DA-92FED546643B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F63560-A91B-4414-9EAB-42D4BBD68A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "53BA729C-B453-4B78-BFA9-FB653A22E25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "92E5C04B-55C9-4809-915D-E7F3E4FD711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0465F083-78C3-4A07-9BFE-AAFA5861B3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FED947-5586-420F-9F4E-1DB54EF7FADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.15:*:*:*:*:*:*:*",
"matchCriteriaId": "AD91C8C5-1248-4B6F-895A-DE8971B335B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9268261C-3E8B-49F8-A078-A034B062C904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.17:*:*:*:*:*:*:*",
"matchCriteriaId": "0F81484A-5277-4825-86B1-2C0B60442FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF598EC-4646-49DC-96F2-507FDF1288A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3866AE-D4E2-450E-838C-FC4C3E2BAB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F53F73-F07D-48A3-B19F-BE0A10BC15A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.21:*:*:*:*:*:*:*",
"matchCriteriaId": "610A654F-2779-4EDB-B3BF-6BB4E60A1B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F72046EA-E4D7-42B5-8A5E-E0719D30A063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.23:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE315C-30D3-4FEA-A5A0-00040487E8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5D0B01-B60C-4312-8D23-9DD1A527CD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.25:*:*:*:*:*:*:*",
"matchCriteriaId": "6A171D13-7A7E-4064-BF96-E99294016AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79F02C3-950F-4D47-971A-3C1367F1642C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0344253A-AF59-499B-81DF-5494A34B115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7297482-7D30-484A-8F8D-AFEA2E468725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93BA3D19-C291-468E-9E4E-E8374AE1BD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85CF9240-FAEE-4BA2-8374-8B81F738521A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45457716-9219-4A88-A824-B45FA16643D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "93A0526D-918E-4FAE-90AF-2BA49F9D5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD350ED-1327-483A-BF73-02AB9924EDED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98C11849-BCD4-4982-A779-435669BD668F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C94984E9-22EE-4B24-AFCB-52137A871117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23B10069-89E1-4E63-BCFF-C210CE3C5655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE142A-4F71-4452-8DAD-9D6BA11EBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "179366EE-D637-4345-8759-81D5E12EFFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.14:*:*:*:*:*:*:*",
"matchCriteriaId": "725CFC44-43C8-47FF-9935-FA006B6338FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3A331F93-08C2-4F45-98AD-46DBE38A9785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFB0157-CF91-4FCB-8786-4024595B3EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.17:*:*:*:*:*:*:*",
"matchCriteriaId": "92045C29-20B4-46D0-9643-491BB0642D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.18:*:*:*:*:*:*:*",
"matchCriteriaId": "148A51ED-1A00-45D3-934E-96CA2759F5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.19:*:*:*:*:*:*:*",
"matchCriteriaId": "77BE0692-E688-4438-98C7-FA1FCE05F41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1904CB89-F576-4DFF-9639-9263D0ADE0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.21:*:*:*:*:*:*:*",
"matchCriteriaId": "50D11F39-3B4F-43E4-AC5E-E1B5931BCBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97023E9B-520D-4E6F-BA7F-052BA89BF2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.23:*:*:*:*:*:*:*",
"matchCriteriaId": "93A152B4-8483-4874-88C0-4679831BB60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBAE4A7-B0E1-4E50-8775-CAEF3E49B7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE78BA1-4001-4676-8BCB-FBC081A5D733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FF606C17-AD8A-4D81-AB55-50B0C4B7763F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.27:*:*:*:*:*:*:*",
"matchCriteriaId": "906047FD-1D75-4F97-977D-2A22A1DC87B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA92693-6629-4A8D-9C54-418569C852F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F078E1C6-3FB7-415B-A49A-455BE55148B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9F97984A-04F4-4F69-B03B-D06FD0F21EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.31:*:*:*:*:*:*:*",
"matchCriteriaId": "53FB010A-9B82-41F9-9DDB-4DCC0BFA0365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.32:*:*:*:*:*:*:*",
"matchCriteriaId": "07292430-0952-4E40-9012-1DD5709D2F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.33:*:*:*:*:*:*:*",
"matchCriteriaId": "019C4B30-4F04-4068-80B1-884F9607EC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F74038FE-C361-415B-AC47-744D3792E707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6B8C20-2603-4BC6-A9C5-363E45B86492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.01:*:*:*:*:*:*:*",
"matchCriteriaId": "16998237-B53D-4E6C-B2E7-3C17BE483780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.02:*:*:*:*:*:*:*",
"matchCriteriaId": "4998E602-7E72-4ED9-806F-2DF117827F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5A01D9E5-14BD-416D-8363-278FBA991BE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.04:*:*:*:*:*:*:*",
"matchCriteriaId": "59B55BD5-0E1C-4A13-965C-BAFBE480C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.05:*:*:*:*:*:*:*",
"matchCriteriaId": "EC498C66-4E32-4E4B-9BB0-3943CB963BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4F989C-B9AF-4A0D-A39E-A9405E38229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCC7D4D-09B1-4063-9FE8-F88032B91FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.08:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF8AB55-8A95-47CD-960A-E9A920632B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.09:*:*:*:*:*:*:*",
"matchCriteriaId": "FB45C9DA-9503-4F5C-8079-0C47E778EAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1D6ABC-D56F-4484-90D0-45CD3E7B682C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B48121BF-EDA1-4EAD-B24B-7BAF6668D4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9E079966-8423-4638-8A55-BC9F2412D4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE5E653-3B78-4DCE-9FE8-1126FC18D8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D339F6D7-9E9A-46C2-9823-E534F3BEBDC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A829E428-77AA-4B8F-B4E6-BB89F0054F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A6470755-BE74-49FB-B4C7-6869FB33A096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEFA0BB-1542-4A88-BC95-A60AAEF90D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.18:*:*:*:*:*:*:*",
"matchCriteriaId": "090C90E2-D688-44C2-88D7-E40F7D919FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.19:*:*:*:*:*:*:*",
"matchCriteriaId": "675512A2-6E2A-46BA-9237-114B4EA6248F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.20:*:*:*:*:*:*:*",
"matchCriteriaId": "185FF47F-321E-4D26-893D-BB4F4B532670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B402DB46-6103-4428-B6BF-9263D9270EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.22:*:*:*:*:*:*:*",
"matchCriteriaId": "599D4BAC-1266-4A30-A4C5-4BA13EC47F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.23:*:*:*:*:*:*:*",
"matchCriteriaId": "23241E2B-21B9-4C97-B865-5C3652C27401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A40DC0-AE35-4597-8A55-D5022289435E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C12B85A1-5607-4037-A362-0270EF710514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.26:*:*:*:*:*:*:*",
"matchCriteriaId": "03B39A1A-DC18-413E-A869-9D6C7C77BF8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4F62F30D-F8D9-4B47-9CFC-8F54B3F589C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.28:*:*:*:*:*:*:*",
"matchCriteriaId": "89B0ACB2-FE13-4145-8EAE-9D6FB7FEDD60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.29:*:*:*:*:*:*:*",
"matchCriteriaId": "0253F8B8-346C-40F0-9225-4593EAF39861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.30:*:*:*:*:*:*:*",
"matchCriteriaId": "2411D682-BEB2-41E0-B211-4E8EA0E551C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.31:*:*:*:*:*:*:*",
"matchCriteriaId": "97036446-8A06-4AB6-842B-2186A88FBB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.32:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9F56AC-906E-4713-83ED-79A8673F59BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.33:*:*:*:*:*:*:*",
"matchCriteriaId": "A77A17C7-C323-4182-A099-BB3E92BF12D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.34:*:*:*:*:*:*:*",
"matchCriteriaId": "82DB51EA-A050-417A-8603-97BD33ACB9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.35:*:*:*:*:*:*:*",
"matchCriteriaId": "48468D84-76E9-476D-8470-3950C8281118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.36:*:*:*:*:*:*:*",
"matchCriteriaId": "7472AD57-68B3-43BE-95D4-F21D39708A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.37:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA0C21F-DB95-43D9-B7B2-B076043828E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.38:*:*:*:*:*:*:*",
"matchCriteriaId": "3658F6EA-E897-4A24-AD82-F3EBD4567D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F887C654-43D9-4374-88D8-DCA800B7F449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.40:*:*:*:*:*:*:*",
"matchCriteriaId": "34001491-58AD-4F6C-9159-C27671EA1574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.41:*:*:*:*:*:*:*",
"matchCriteriaId": "347D3197-1915-4417-B72D-0C23BEFBAA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.42:*:*:*:*:*:*:*",
"matchCriteriaId": "0256E7B3-E119-41A4-B49D-4C08D364C22C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA3DD4D-28E0-4266-9024-A4DFF832512E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.44:*:*:*:*:*:*:*",
"matchCriteriaId": "02FAFCFB-0D3F-4906-ADCE-BF7F06167692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.45:*:*:*:*:*:*:*",
"matchCriteriaId": "EB184F25-C4ED-4655-B79D-6B00E22F9097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.35.46:*:*:*:*:*:*:*",
"matchCriteriaId": "43FC34D4-576B-46D6-B13C-EE17C0A5AAE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "pamperspective en Netpbm anterior a v10.35.48 no calcula correctamente la altura de una ventana, lo que permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una archivo de imagen manipulado que dispara una lectura fuera de los l\u00edmites."
}
],
"id": "CVE-2008-4799",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-10-31T00:00:00.717",
"references": [
{
"source": "cve@mitre.org",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31871"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/10/22/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/10/23/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue can only cause pamperspective to crash when used on specially crafted messages. We do not consider this to be a security issue.",
"lastModified": "2008-10-31T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-0554
Vulnerability from fkie_nvd - Published: 2008-02-08 02:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056 | ||
| secalert@redhat.com | http://secunia.com/advisories/29079 | ||
| secalert@redhat.com | http://secunia.com/advisories/30280 | ||
| secalert@redhat.com | http://secunia.com/advisories/32607 | ||
| secalert@redhat.com | http://ubuntu.com/usn/usn-665-1 | ||
| secalert@redhat.com | http://www.debian.org/security/2008/dsa-1579 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2008:039 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2008-0131.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/27682 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1019358 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/0460 | ||
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-2216 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29079 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30280 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32607 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://ubuntu.com/usn/usn-665-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1579 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0131.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/27682 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019358 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2216 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCFE3C4-89EC-4BCF-9DB8-02586857C1D4",
"versionEndIncluding": "10.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
},
{
"lang": "es",
"value": "Desbordamiento de Buffer en la funci\u00f3n readImageData en giftopnm.c de netpbm en versiones anteriores a 10.27 y de netpbm en versiones anteriores a 10.27 permite a atacantes remotos con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de im\u00e1genes GIF manipuladas, similar a CVE-2006-4484."
}
],
"id": "CVE-2008-0554",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-02-08T02:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/29079"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/30280"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/32607"
},
{
"source": "secalert@redhat.com",
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/27682"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1019358"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-2216"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-665-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0131.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10975"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-3145
Vulnerability from fkie_nvd - Published: 2006-06-22 22:06 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/20729 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/20775 | ||
| cve@mitre.org | http://sourceforge.net/project/shownotes.php?release_id=425770 | Patch | |
| cve@mitre.org | http://www.securityfocus.com/bid/18525 | Patch | |
| cve@mitre.org | http://www.trustix.org/errata/2006/0037 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/2449 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/27244 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20729 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20775 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?release_id=425770 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18525 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0037 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2449 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/27244 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9F97984A-04F4-4F69-B03B-D06FD0F21EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.31:*:*:*:*:*:*:*",
"matchCriteriaId": "53FB010A-9B82-41F9-9DDB-4DCC0BFA0365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.32:*:*:*:*:*:*:*",
"matchCriteriaId": "07292430-0952-4E40-9012-1DD5709D2F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.33:*:*:*:*:*:*:*",
"matchCriteriaId": "019C4B30-4F04-4068-80B1-884F9607EC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en pamtofits de NetPBM v10.30 hasta 10.33, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo de su elecci\u00f3n en el ensamblado de la cabecera, relacionado posiblemente con un error de superaci\u00f3n de l\u00edmite."
}
],
"id": "CVE-2006-3145",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-22T22:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20729"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20775"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18525"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affect the versions of NetPBM distributed with Red Hat Enterprise Linux 2.1, 3, or 4.",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3632
Vulnerability from fkie_nvd - Published: 2005-11-21 22:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/17544 | ||
| secalert@redhat.com | http://secunia.com/advisories/17671 | ||
| secalert@redhat.com | http://secunia.com/advisories/17679 | ||
| secalert@redhat.com | http://secunia.com/advisories/17828 | ||
| secalert@redhat.com | http://secunia.com/advisories/18186 | ||
| secalert@redhat.com | http://www.debian.org/security/2005/dsa-904 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2005:217 | ||
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2005_28_sr.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-843.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/15514 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2005/2418 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165 | ||
| secalert@redhat.com | https://usn.ubuntu.com/218-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17544 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17671 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17679 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17828 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18186 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-904 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:217 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_28_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-843.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15514 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2418 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/218-1/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F53F73-F07D-48A3-B19F-BE0A10BC15A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.21:*:*:*:*:*:*:*",
"matchCriteriaId": "610A654F-2779-4EDB-B3BF-6BB4E60A1B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F72046EA-E4D7-42B5-8A5E-E0719D30A063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.23:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE315C-30D3-4FEA-A5A0-00040487E8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5D0B01-B60C-4312-8D23-9DD1A527CD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:9.25:*:*:*:*:*:*:*",
"matchCriteriaId": "6A171D13-7A7E-4064-BF96-E99294016AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79F02C3-950F-4D47-971A-3C1367F1642C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file."
}
],
"id": "CVE-2005-3632",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-21T22:03:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17544"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17671"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17679"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17828"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18186"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-904"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/15514"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/218-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-843.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/218-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-2978
Vulnerability from fkie_nvd - Published: 2005-10-18 22:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/17221 | ||
| secalert@redhat.com | http://secunia.com/advisories/17222 | ||
| secalert@redhat.com | http://secunia.com/advisories/17256 | ||
| secalert@redhat.com | http://secunia.com/advisories/17265 | ||
| secalert@redhat.com | http://secunia.com/advisories/17282 | ||
| secalert@redhat.com | http://secunia.com/advisories/17357 | ||
| secalert@redhat.com | http://securitytracker.com/id?1015071 | ||
| secalert@redhat.com | http://www.debian.org/security/2005/dsa-878 | ||
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml | ||
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2005_24_sr.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-793.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/15128 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2005/2133 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278 | Exploit, Vendor Advisory | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135 | ||
| secalert@redhat.com | https://usn.ubuntu.com/210-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17221 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17222 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17256 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17265 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17282 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17357 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015071 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-878 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_24_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-793.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15128 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2133 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/210-1/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netpbm | netpbm | 10.0 | |
| netpbm | netpbm | 10.1 | |
| netpbm | netpbm | 10.2 | |
| netpbm | netpbm | 10.3 | |
| netpbm | netpbm | 10.4 | |
| netpbm | netpbm | 10.5 | |
| netpbm | netpbm | 10.6 | |
| netpbm | netpbm | 10.7 | |
| netpbm | netpbm | 10.8 | |
| netpbm | netpbm | 10.9 | |
| netpbm | netpbm | 10.10 | |
| netpbm | netpbm | 10.11 | |
| netpbm | netpbm | 10.12 | |
| netpbm | netpbm | 10.13 | |
| netpbm | netpbm | 10.14 | |
| netpbm | netpbm | 10.15 | |
| netpbm | netpbm | 10.16 | |
| netpbm | netpbm | 10.17 | |
| netpbm | netpbm | 10.18 | |
| netpbm | netpbm | 10.19 | |
| netpbm | netpbm | 10.20 | |
| netpbm | netpbm | 10.21 | |
| netpbm | netpbm | 10.22 | |
| netpbm | netpbm | 10.23 | |
| netpbm | netpbm | 10.24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79F02C3-950F-4D47-971A-3C1367F1642C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0344253A-AF59-499B-81DF-5494A34B115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7297482-7D30-484A-8F8D-AFEA2E468725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93BA3D19-C291-468E-9E4E-E8374AE1BD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85CF9240-FAEE-4BA2-8374-8B81F738521A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45457716-9219-4A88-A824-B45FA16643D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "93A0526D-918E-4FAE-90AF-2BA49F9D5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD350ED-1327-483A-BF73-02AB9924EDED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98C11849-BCD4-4982-A779-435669BD668F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C94984E9-22EE-4B24-AFCB-52137A871117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23B10069-89E1-4E63-BCFF-C210CE3C5655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC42B061-EB8E-49B4-B041-42B31672C42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE142A-4F71-4452-8DAD-9D6BA11EBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "179366EE-D637-4345-8759-81D5E12EFFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.14:*:*:*:*:*:*:*",
"matchCriteriaId": "725CFC44-43C8-47FF-9935-FA006B6338FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3A331F93-08C2-4F45-98AD-46DBE38A9785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFB0157-CF91-4FCB-8786-4024595B3EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.17:*:*:*:*:*:*:*",
"matchCriteriaId": "92045C29-20B4-46D0-9643-491BB0642D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.18:*:*:*:*:*:*:*",
"matchCriteriaId": "148A51ED-1A00-45D3-934E-96CA2759F5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.19:*:*:*:*:*:*:*",
"matchCriteriaId": "77BE0692-E688-4438-98C7-FA1FCE05F41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1904CB89-F576-4DFF-9639-9263D0ADE0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.21:*:*:*:*:*:*:*",
"matchCriteriaId": "50D11F39-3B4F-43E4-AC5E-E1B5931BCBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97023E9B-520D-4E6F-BA7F-052BA89BF2E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.23:*:*:*:*:*:*:*",
"matchCriteriaId": "93A152B4-8483-4874-88C0-4679831BB60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netpbm:netpbm:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBAE4A7-B0E1-4E50-8775-CAEF3E49B7EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack."
}
],
"id": "CVE-2005-2978",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-10-18T22:02:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17221"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17222"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17256"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17265"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17282"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17357"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1015071"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/15128"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/210-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/210-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-2471
Vulnerability from fkie_nvd - Published: 2005-08-05 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757 | ||
| cve@mitre.org | http://secunia.com/advisories/16184 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/18330 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/19436 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1014752 | ||
| cve@mitre.org | http://www.debian.org/security/2006/dsa-1021 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
| cve@mitre.org | http://www.osvdb.org/18253 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-743.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/14379 | ||
| cve@mitre.org | http://www.trustix.org/errata/2005/0038/ | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/21500 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16184 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18330 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19436 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1014752 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1021 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/18253 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-743.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14379 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2005/0038/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/21500 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netpbm:netpbm:2.10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F0D2D-880B-44DA-BEF0-704CD7AE0B87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pstopnm in netpbm does not properly use the \"-dSAFER\" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands."
},
{
"lang": "es",
"value": "pstopnm en netpbm no usa adecuadamente la opci\u00f3n \"-dSAFER\" (cuando llama a Ghostscript para convertir un archivo PostScript en un pbm, pgm o pnm), lo que permite que atacantes remotos con la intervenci\u00f3n del usuario puedan ejecutar comandos arbitrarios."
}
],
"id": "CVE-2005-2471",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16184"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18330"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19436"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014752"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1021"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/18253"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-743.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14379"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0038/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21500"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/18253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-743.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0038/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11645"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}