7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
A buffer overflow has been identified in the pnmtopng component of the
netpbm package, a set of graphics conversion tools. This
vulnerability could allow an attacker to execute arbitrary code as a
local user by providing a specially crafted PNM file.
The old stable distribution (woody) it not vulnerable to this problem.
For the stable distribution (sarge) this problem has been fixed in
version 10.0-8sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 10.0-10.
We recommend that you upgrade your netpbm-free packages.
CPE | Name | Operator | Version |
---|---|---|---|
netpbm-free | eq | 2:10.0-8 |