EUVD-2005-2472

Malware in sbrugna...

SUSE CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

SUSE SLED12 / SLES12 Security Update : netpbm (SUSE-SU-2019:1645-1)

This update for netpbm fixes the following issues : Security issues fixed : CVE-2018-8975: The pmmallocarray2 function allowed remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file bsc1086777. CVE-2017-2579: Fixed out-of-bounds read in...

[SECURITY] [DSA 1021-1] New netpbm-free packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1021-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...

Ubuntu 4.10 / 5.04 : netpbm-free vulnerability (USN-164-1)

Max Vozeler discovered that the the 'pstopnm' conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked an user or ...

Mandrake Linux Security Advisory : netpbm (MDKSA-2005:133)

Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file. This could result in the execution of arbitrary...

Low: Red Hat Security Advisory: netpbm security update

Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for handling various graphics file formats, including .pbm...

USN-164-1: netpbm vulnerability

Max Vozeler discovered that the the "pstopnm" conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked an user or ...

GLSA-200508-04 : Netpbm: Arbitrary code execution in pstopnm

The remote host is affected by the vulnerability described in GLSA-200508-04 Netpbm: Arbitrary code execution in pstopnm Max Vozeler reported that pstopnm calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option, to convert a PostScript file into a PBM...

CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

DEBIAN-CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

CVE-2005-2471

CVE-2005-2471 concerns netpbm's pstopnm utility, which does not properly use -dSAFER when invoking Ghostscript to convert PostScript to PBM/PGM/PNM. This can allow an attacker to execute arbitrary commands via specially crafted PostScript files. Public disclosures reference a fix in several distr...

Netpbm: Arbitrary code execution in pstopnm

Background Netpbm is a package of 220 graphics programs and a programming libraries, including pstopnm. pstopnm is a tool which converts PostScript files to PNM image files. Description Max Vozeler reported that pstopnm calls the GhostScript interpreter on untrusted PostScript files without...