| Vulnerability Name: | CVE-2005-2978 (CCN-22783) | ||||||||||||||||||||
| Assigned: | 2005-10-18 | ||||||||||||||||||||
| Published: | 2005-10-18 | ||||||||||||||||||||
| Updated: | 2018-10-03 | ||||||||||||||||||||
| Summary: | pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack. | ||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2978 Source: CCN Type: Netpbm Web site Netpbm home page Source: CCN Type: RHSA-2005-793 netpbm security update Source: CCN Type: SA17221 NetPBM "pnmtopng" Stack Corruption Vulnerability Source: SECUNIA Type: UNKNOWN 17221 Source: SECUNIA Type: UNKNOWN 17222 Source: SECUNIA Type: UNKNOWN 17256 Source: SECUNIA Type: UNKNOWN 17265 Source: SECUNIA Type: UNKNOWN 17282 Source: SECUNIA Type: UNKNOWN 17357 Source: CCN Type: SECTRACK ID: 1015071 Netpbm Buffer Overflow in `pnmtopng` May Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1015071 Source: DEBIAN Type: UNKNOWN DSA-878 Source: DEBIAN Type: DSA-878 netpbm-free -- buffer overflow Source: CCN Type: GLSA-200510-18 Netpbm: Buffer overflow in pnmtopng Source: GENTOO Type: UNKNOWN GLSA-200510-18 Source: SUSE Type: UNKNOWN SUSE-SR:2005:024 Source: REDHAT Type: Vendor Advisory RHSA-2005:793 Source: BID Type: UNKNOWN 15128 Source: CCN Type: BID-15128 NetPBM PNMToPNG Buffer Overflow Vulnerability Source: CCN Type: USN-210-1 netpbm vulnerability Source: VUPEN Type: UNKNOWN ADV-2005-2133 Source: MISC Type: Exploit, Vendor Advisory https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278 Source: XF Type: UNKNOWN netpbm-closestcolorInpalette-code-execution(22783) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10135 Source: UBUNTU Type: UNKNOWN USN-210-1 Source: SUSE Type: SUSE-SR:2005:024 SUSE Security Summary Report | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||