CVE-2008-4799
https://notcve.org/view.php?id=CVE-2008-4799
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
• http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY
• http://www.openwall.com/lists/oss-security/2008/10/22/7
• http://www.openwall.com/lists/oss-security/2008/10/23/2
• http://www.securityfocus.com/bid/31871
• https://exchange.xforce.ibmcloud.com/vulnerabilities/46054
• https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00058.html
• https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00069.html
• CWE-189: Numeric Errors
CVE-2008-0554 – netpbm: GIF handling buffer overflow in giftopnm
https://notcve.org/view.php?id=CVE-2008-0554
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464056
• http://secunia.com/advisories/29079
• http://secunia.com/advisories/30280
• http://secunia.com/advisories/32607
• http://ubuntu.com/usn/usn-665-1
• http://www.debian.org/security/2008/dsa-1579
• http://www.mandriva.com/security/advisories?name=MDVSA-2008:039
• http://www.redhat.com/support/errata/RHSA-2008-0131.html
• http://www.securityfocus.com/bid/27682
• http://www.securitytracker.com/id?1019358
• http://www.vupen.com/
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-3632
https://notcve.org/view.php?id=CVE-2005-3632
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
• http://secunia.com/advisories/17544
• http://secunia.com/advisories/17671
• http://secunia.com/advisories/17679
• http://secunia.com/advisories/17828
• http://secunia.com/advisories/18186
• http://www.debian.org/security/2005/dsa-904
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:217
• http://www.novell.com/linux/security/advisories/2005_28_sr.html
• http://www.redhat.com/support/errata/RHSA-2005-843.html
• http://www.securityfocus.com/bid/15514
• http://www.vupen.com/e
CVE-2005-2978
https://notcve.org/view.php?id=CVE-2005-2978
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.
• http://secunia.com/advisories/17221
• http://secunia.com/advisories/17222
• http://secunia.com/advisories/17256
• http://secunia.com/advisories/17265
• http://secunia.com/advisories/17282
• http://secunia.com/advisories/17357
• http://securitytracker.com/id?1015071
• http://www.debian.org/security/2005/dsa-878
• http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml
• http://www.novell.com/linux/security/advisories/2005_24_sr.html
• http://www.redhat.com/support/errata/RHSA-2005-793&
CVE-2005-2471
https://notcve.org/view.php?id=CVE-2005-2471
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757
• http://secunia.com/advisories/16184
• http://secunia.com/advisories/18330
• http://secunia.com/advisories/19436
• http://securitytracker.com/id?1014752
• http://www.debian.org/security/2006/dsa-1021
• http://www.novell.com/linux/security/advisories/2005_19_sr.html
• http://www.osvdb.org/18253
• http://www.redhat.com/support/errata/RHSA-2005-743.html
• http://www.securityfocus.com/bid/14379
• http://www.trustix.org/errata/200