what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2009-4274

Status Candidate

Overview

Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.

Related Files

Gentoo Linux Security Advisory 201311-08
Posted Nov 13, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-8 - A vulnerability in Netpbm could result in execution of arbitrary code or Denial of Service. Versions less than 10.49.00 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2009-4274
SHA-256 | ea8452d7a1cee55fb0d6a0685cf72c7fe00baa2d82e6e1e8656247eb497acac8
Red Hat Security Advisory 2011-1811-01
Posted Dec 13, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1811-01 - The netpbm packages contain a library of functions which support programs for handling various graphics file formats, including .pbm, .pgm, .pnm, .ppm, and others. Two heap-based buffer overflow flaws were found in the embedded JasPer library, which is used to provide support for Part 1 of the JPEG 2000 image compression standard in the jpeg2ktopam and pamtojpeg2k tools. An attacker could create a malicious JPEG 2000 compressed image file that could cause jpeg2ktopam to crash or, potentially, execute arbitrary code with the privileges of the user running jpeg2ktopam. These flaws do not affect pamtojpeg2k.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2009-4274, CVE-2011-4516, CVE-2011-4517
SHA-256 | 4e30cdb614403f06bdbc810bb652c4ffc82fcffc0b429f074d8a9abad1cea938
Ubuntu Security Notice 934-1
Posted Apr 30, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 934-1 - Marc Schoenefeld discovered a buffer overflow in Netpbm when loading certain images. If a user or automated system were tricked into opening a specially crafted XPM image, a remote attacker could crash Netpbm. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2009-4274
SHA-256 | b35687a340a4fdbf7229769133d5339808e1f1c6becbce15b0647f661933d805
Debian Linux Security Advisory 2026-1
Posted Apr 3, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2026-1 - Marc Schoenefeld discovered a stack-based buffer overflow in the XPM reader implementation in netpbm-free, a suite of image manipulation utilities. An attacker could cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2009-4274
SHA-256 | 14051f709ce6403d1a744675caa6e472b5796bd620bcb7a4a8c075c290f734fc
Mandriva Linux Security Advisory 2010-039
Posted Feb 17, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-039 - Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-4274
SHA-256 | 7a5d6b7bf889ee556ed937e2c8e9f9a9b35d1e918e402269a20973667ee185ee
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    27 Files
  • 13
    Aug 13th
    18 Files
  • 14
    Aug 14th
    50 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close