PT-2018-7113 · Netpbm+1 · Netpbm+1

Published

2017-02-20

Updated

2019-06-24

CVE-2017-2579

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: netpbm versions prior to 10.61

Description: An out-of-bounds read issue was discovered, which could be triggered by a maliciously crafted file. This might cause the application to crash or potentially allow code execution. The expandCodeOntoStack() function is identified as having an insufficient code value check.

Recommendations: For versions prior to 10.61, update to version 10.61 or later to resolve the issue. As a temporary workaround, consider avoiding the use of potentially malicious files until the update is applied.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2017-2579

MGASA-2017-0058

OPENSUSE-SU-2019:1605-1

OPENSUSE-SU-2019_1605-1

SUSE-SU-2019:14101-1

SUSE-SU-2019:1525-1

SUSE-SU-2019:1645-1

SUSE-SU-2019_14101-1

SUSE-SU-2019_1525-1

SUSE-SU-2019_1645-1

Affected Products

Suse

Netpbm

PT-2018-7113 · Netpbm+1 · Netpbm+1

CVE-2017-2579

Weakness Enumeration

Related Identifiers

Affected Products

References · 26