PT-2005-2158 · Jocr · Gocr

Published: 2005-04-15 · Updated: 2016-10-18 · CVE-2005-1142

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: GOCR version 0.40

Description: A heap-based buffer overflow exists in the readpgm function in pnm.c. When GOCR is not using netpbm, remote attackers can exploit it to execute arbitrary code by supplying a P3 format PNM file that contains more data than its width and height values imply.

Recommendations: For GOCR version 0.40, consider avoiding the use of P3 format PNM files with inconsistent data until a patch is available. As a temporary workaround, restrict the processing of PNM files to only those with verified and consistent width, height, and data values to minimize the risk of exploitation.
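
The workaround above amounts to rejecting, before GOCR sees it, any P3 file whose number of samples differs from width × height × 3 (P3 is plain RGB, three samples per pixel). A pre-check of that kind, added here as an example and not taken from GOCR or any patch; `p3_is_consistent`, `next_uint`, `MAX_DIM` and the two sample strings are hypothetical names and constructed values:

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>

#define MAX_DIM 32768u /* assumed policy cap for this example, not a GOCR limit */
/* Constructed samples: a 2x1 image needs 6 values; BAD_P3 carries 9. */
const char OK_P3[]  = "P3\n# comment\n2 1\n255\n1 2 3 4 5 6\n";
const char BAD_P3[] = "P3\n2 1\n255\n1 2 3 4 5 6 7 8 9\n";

/* Next unsigned decimal token, skipping whitespace and '#' comments.
   Returns 1 on success, 0 at end of input, -1 on a malformed token. */
static int next_uint(const char *b, size_t n, size_t *pos, uint32_t *out)
{
    size_t i = *pos;
    uint64_t v = 0;
    while (i < n && (isspace((unsigned char)b[i]) || b[i] == '#')) {
        if (b[i++] == '#')
            while (i < n && b[i] != '\n') i++;
    }
    *pos = i;
    if (i == n) return 0;
    if (!isdigit((unsigned char)b[i])) return -1;
    for (; i < n && isdigit((unsigned char)b[i]); i++) {
        v = v * 10 + (uint64_t)(b[i] - '0');
        if (v > UINT32_MAX) return -1;          /* absurdly large number */
    }
    if (i < n && !isspace((unsigned char)b[i])) return -1; /* e.g. "12ab" */
    *pos = i;
    *out = (uint32_t)v;
    return 1;
}

/* 1 only if buf is a P3 file holding exactly width*height*3 samples,
   each <= maxval; 0 for anything else, which the caller should reject. */
int p3_is_consistent(const char *buf, size_t len)
{
    uint32_t w, h, maxval, s;
    uint64_t expected, seen = 0;
    size_t pos = 2;
    int r;
    if (len < 3 || buf[0] != 'P' || buf[1] != '3' || !isspace((unsigned char)buf[2])) return 0;
    if (next_uint(buf, len, &pos, &w) != 1 || next_uint(buf, len, &pos, &h) != 1 ||
        next_uint(buf, len, &pos, &maxval) != 1) return 0;
    if (!w || !h || w > MAX_DIM || h > MAX_DIM || !maxval || maxval > 65535) return 0;
    expected = (uint64_t)w * h * 3;             /* cannot overflow given MAX_DIM */
    while ((r = next_uint(buf, len, &pos, &s)) == 1)
        if (s > maxval || ++seen > expected) return 0; /* stop at the first extra sample */
    return r == 0 && seen == expected;
}
```

The check stops at the first sample beyond the declared size, so an oversized file is rejected without reading the rest of it.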


Related Identifiers

CVE-2005-1142

Affected Products

Gocr