Netpbm : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2009-4274

Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.
Max CVSS
7.5
EPSS Score
2.12%
Published
2010-02-12
Updated
2023-02-13

CVE-2005-2978

pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
Max CVSS
7.5
EPSS Score
2.55%
Published
2005-10-18
Updated
2018-10-03

CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
2.05%
Published
2005-08-05
Updated
2017-10-11

CVE-2003-0146

Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.
Max CVSS
7.5
EPSS Score
9.02%
Published
2003-03-31
Updated
2017-07-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close