3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.3%
The netpbm package contains a library of functions that support
programs for handling various graphics file formats, including .pbm
(portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps),
.ppm (portable pixmaps), and others.
A number of temporary file bugs have been found in versions of NetPBM.
These could make it possible for a local user to overwrite or create files
as a different user who happens to run one of the the vulnerable utilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0924 to this issue.
Users are advised to upgrade to the erratum packages, which contain patches
from Debian that correct these bugs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | netpbm-progs | < 9.24-9.AS21.3 | netpbm-progs-9.24-9.AS21.3.ia64.rpm |
RedHat | any | i386 | netpbm-devel | < 9.24-9.AS21.3 | netpbm-devel-9.24-9.AS21.3.i386.rpm |
RedHat | any | i386 | netpbm-progs | < 9.24-11.30.1 | netpbm-progs-9.24-11.30.1.i386.rpm |
RedHat | any | ia64 | netpbm | < 9.24-9.AS21.3 | netpbm-9.24-9.AS21.3.ia64.rpm |
RedHat | any | x86_64 | netpbm-progs | < 9.24-11.30.1 | netpbm-progs-9.24-11.30.1.x86_64.rpm |
RedHat | any | ia64 | netpbm-devel | < 9.24-9.AS21.3 | netpbm-devel-9.24-9.AS21.3.ia64.rpm |
RedHat | any | ppc | netpbm-devel | < 9.24-11.30.1 | netpbm-devel-9.24-11.30.1.ppc.rpm |
RedHat | any | i386 | netpbm | < 9.24-9.AS21.3 | netpbm-9.24-9.AS21.3.i386.rpm |
RedHat | any | x86_64 | netpbm-devel | < 9.24-11.30.1 | netpbm-devel-9.24-11.30.1.x86_64.rpm |
RedHat | any | s390x | netpbm-progs | < 9.24-11.30.1 | netpbm-progs-9.24-11.30.1.s390x.rpm |