Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1142

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1142
Last Modified 05 Sep 2008 04:48:20
Published 15 Apr 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1142

Summary

Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values.

Vulnerable Systems

Application

  • Gocr Optical Character Recognition Utility 0.3.2

  • Gocr Optical Character Recognition Utility 0.3.4

  • Gocr Optical Character Recognition Utility 0.37

  • Gocr Optical Character Recognition Utility 0.39

  • Gocr Optical Character Recognition Utility 0.40


References

MISC - http://www.overflow.pl/adv/gocr.txt

BUGTRAQ - 20050415 [Overflow.pl] GOCR - Multiple vulnerabilities


Last Updated: 27 May 2016 10:40:03