Lucene search

K

RedhatCVELIST:CVE-2009-4274

HistoryFeb 12, 2010 - 9:00 p.m.

CVE-2009-4274

2010-02-1221:00:00

redhat

www.cve.org

7.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.

References

lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html

netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076

netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup

secunia.com/advisories/38530

secunia.com/advisories/38915

www.debian.org/security/2010/dsa-2026

www.mandriva.com/security/advisories?name=MDVSA-2010:039

www.openwall.com/lists/oss-security/2010/02/09/11

www.redhat.com/support/errata/RHSA-2011-1811.html

www.securityfocus.com/bid/38164

www.vupen.com/english/advisories/2010/0358

www.vupen.com/english/advisories/2010/0780

bugzilla.redhat.com/show_bug.cgi?id=546580

exchange.xforce.ibmcloud.com/vulnerabilities/56207

7.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

Related for CVELIST:CVE-2009-4274

nessus15 openvas21 nvd1 cve1 ubuntucve1 altlinux1 debian2 osv1 veracode3 gentoo1 debiancve1 prion1 ubuntu1 centos1 redhat1 oraclelinux1