Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200510-18
HistoryOct 20, 2005 - 12:00 a.m.

Netpbm: Buffer overflow in pnmtopng

2005-10-2000:00:00
Gentoo Foundation
security.gentoo.org
9

0.025 Low

EPSS

Percentile

90.2%

JSON

Background

Netpbm is a package of 220 graphics programs and a programming library, including pnmtopng, a tool to convert PNM image files to the PNG format.

Description

RedHat reported that pnmtopng is vulnerable to a buffer overflow.

Impact

An attacker could craft a malicious PNM file and entice a user to run pnmtopng on it, potentially resulting in the execution of arbitrary code with the permissions of the user running pnmtopng.

Workaround

There is no known workaround at this time.

Resolution

All Netpbm users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose media-libs/netpbm
OSVersionArchitecturePackageVersionFilename
Gentooanyallmedia-libs/netpbm< 10.29UNKNOWN

Related

openvas 8
nessus 7
ubuntucve 1
osv 1
centos 1
debiancve 1
ubuntu 1
securityvulns 1
cve 1
debian 2
freebsd 1
redhat 1
openvas
openvas
Debian Security Advisory DSA 878-1 (netpbm-free)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-878-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200510-18 (Netpbm)
2008-09-24 00:00:00
nessus
nessus
CentOS 4 : netpbm (CESA-2005:793)
2006-07-05 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : netpbm-free vulnerability (USN-210-1)
2006-01-15 00:00:00
Debian DSA-878-1 : netpbm-free - buffer overflow
2006-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2005-2978
2005-10-18 00:00:00
osv
osv
netpbm-free - buffer overflow
2005-10-28 00:00:00
centos
centos
netpbm, xloadimage security update
2005-10-18 16:34:52
debiancve
debiancve
CVE-2005-2978
2005-10-18 22:02:00
ubuntu
ubuntu
netpbm vulnerability
2005-10-18 00:00:00
securityvulns
securityvulns
[USN-210-1] netpbm vulnerability
2005-10-19 00:00:00
cve
cve
CVE-2005-2978
2005-10-18 22:02:00
debian
debian
[SECURITY] [DSA 878-1] New netpbm-free packages fix arbitrary code execution
2005-10-28 11:48:22
[SECURITY] [DSA 878-1] New netpbm-free packages fix arbitrary code execution
2005-10-28 00:00:00
freebsd
freebsd
netpbm -- buffer overflow in pnmtopng
2005-10-18 00:00:00
redhat
redhat
(RHSA-2005:793) netpbm security update
2005-10-18 00:00:00

0.025 Low

EPSS

Percentile

90.2%

JSON
Related for GLSA-200510-18
openvas8nessus7ubuntucve1osv1centos1debiancve1ubuntu1securityvulns1cve1debian2freebsd1redhat1