Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3662

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-3662
Last Modified 07 Mar 2011 12:00:00
Published 17 Nov 2005 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3662

Summary

Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.

Vulnerable Systems

Application

  • Greg Roelofs Pnmtopng 2.37.3

  • Greg Roelofs Pnmtopng 2.37.4

  • Greg Roelofs Pnmtopng 2.37.5

  • Greg Roelofs Pnmtopng 2.37.6

  • Greg Roelofs Pnmtopng 2.38


References

SECUNIA - 17544

VUPEN - ADV-2005-2418

UBUNTU - USN-218-1

BID - 15427

REDHAT - RHSA-2005:843

SUSE - SUSE-SR:2005:028

MANDRIVA - MDKSA-2005:217

DEBIAN - DSA-904

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=370545

SECUNIA - 18517

SECUNIA - 18186

SECUNIA - 17828

SECUNIA - 17679

SECUNIA - 17671

SGI - 20060101-01-U


Last Updated: 27 May 2016 10:41:00