This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Netpbm | First view | 2003-03-31 |
| Product | Netpbm | Last view | 2008-10-30 |
| Version | 9.19 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:netpbm:netpbm | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.3 | 2008-10-30 | CVE-2008-4799 | pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read. |
| 6.8 | 2008-02-07 | CVE-2008-0554 | Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484. |
| 3.7 | 2004-02-17 | CVE-2003-0924 | netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. |
| 7.5 | 2003-03-31 | CVE-2003-0146 | Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-189 | Numeric Errors |
| 50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 49591 | Netpbm pamperspective Image Handling Window Height Calculation DoS |
| 41651 | netpbm giftopnm.c readImageData Function Crafted GIF File Handling Overflow |
| 10703 | Netpbm ppmfade Insecure Temporary File Creation |
| 10702 | Netpbm parallel Insecure Temporary File Creation |
| 10701 | Netpbm anytopnm Insecure Temporary File Creation |
| 10700 | Netpbm pnmmargin Insecure Temporary File Creation |
| 10486 | Netpbm pnmindex Insecure Temporary File Creation |
| 4810 | Netpbm Multiple Unspecified Math Overflows |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:317 (netpbm) File : nvt/mdksa_2009_317.nasl |
| 2009-10-13 | Name : Mandrake Security Advisory MDVSA-2009:262 (netpbm) File : nvt/mdksa_2009_262.nasl |
| 2009-10-10 | Name : SLES9: Security update for netpbm File : nvt/sles9p5023048.nasl |
| 2009-03-23 | Name : Ubuntu Update for netpbm-free vulnerability USN-665-1 File : nvt/gb_ubuntu_USN_665_1.nasl |
| 2009-03-06 | Name : RedHat Update for netpbm RHSA-2008:0131-01 File : nvt/gb_RHSA-2008_0131-01_netpbm.nasl |
| 2009-02-27 | Name : CentOS Update for netpbm CESA-2008:0131-01 centos2 i386 File : nvt/gb_CESA-2008_0131-01_netpbm_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for netpbm CESA-2008:0131 centos3 i386 File : nvt/gb_CESA-2008_0131_netpbm_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for netpbm CESA-2008:0131 centos3 x86_64 File : nvt/gb_CESA-2008_0131_netpbm_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for netpbm CESA-2008:0131 centos4 i386 File : nvt/gb_CESA-2008_0131_netpbm_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for netpbm CESA-2008:0131 centos4 x86_64 File : nvt/gb_CESA-2008_0131_netpbm_centos4_x86_64.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-02 (Netpbm) File : nvt/glsa_200410_02.nasl |
| 2008-05-27 | Name : Debian Security Advisory DSA 1579-1 (netpbm-free) File : nvt/deb_1579_1.nasl |
| 2008-03-19 | Name : Debian Security Advisory DSA 1493-2 (sdl-image1.2) File : nvt/deb_1493_2.nasl |
| 2008-02-15 | Name : Debian Security Advisory DSA 1493-1 (sdl-image1.2) File : nvt/deb_1493_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 263-1 (netpbm-free) File : nvt/deb_263_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 426-1 (netpbm-free) File : nvt/deb_426_1.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0131.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20080228_netpbm_on_SL3_x.nasl - Type: ACT_GATHER_INFO |
| 2009-12-07 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2009-317.nasl - Type: ACT_GATHER_INFO |
| 2009-10-12 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2009-262.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_12068.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-665-1.nasl - Type: ACT_GATHER_INFO |
| 2008-05-19 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1579.nasl - Type: ACT_GATHER_INFO |
| 2008-02-28 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2008-0131.nasl - Type: ACT_GATHER_INFO |
| 2008-02-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0131.nasl - Type: ACT_GATHER_INFO |
| 2004-10-04 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200410-02.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-263.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-426.nasl - Type: ACT_GATHER_INFO |
| 2004-07-31 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2003-036.nasl - Type: ACT_GATHER_INFO |
| 2004-07-31 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2004-011.nasl - Type: ACT_GATHER_INFO |
| 2004-07-06 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2003-061.nasl - Type: ACT_GATHER_INFO |
| 2004-07-06 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2004-031.nasl - Type: ACT_GATHER_INFO |
