PT-2005-3815 · Netpbm+1 · Netpbm+1

Bastien Nocera

Published

2005-10-18

Updated

2018-10-03

CVE-2005-2978

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions netpbm versions prior to 10.25

Description The issue arises when using the -trans option in pnmtopng for converting Portable Anymap (PNM) images to Portable Network Graphics (PNG). It uses uninitialized size and index variables, which could potentially allow attackers to execute arbitrary code by modifying the stack.

Recommendations For versions prior to 10.25, update to version 10.25 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2978

DSA-878-1

RHSA-2005:793

RHSA-2005_793

Affected Products

Red Hat

Netpbm

PT-2005-3815 · Netpbm+1 · Netpbm+1

CVE-2005-2978

Related Identifiers

Affected Products

References · 22