Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-2580

Опубликовано: 27 июл. 2018
Источник: debian

Описание

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
netpbm-freefixed2:10.97.00-1package
netpbm-freenot-affectedbullseyepackage
netpbm-freenot-affectedbusterpackage
netpbm-freenot-affectedstretchpackage
netpbm-freenot-affectedjessiepackage

Примечания

  • Debian uses an old fork of netpbm

  • https://www.openwall.com/lists/oss-security/2017/02/05/7

  • PoC+report attached to #854978

  • Possible fix: https://sourceforge.net/p/netpbm/code/2821 (10.47.63)

Связанные уязвимости

ubuntu логотип

CVE-2017-2580

CVSS3: 4.5
ubuntu
больше 7 лет назад

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

redhat логотип

CVE-2017-2580

CVSS3: 4.5
redhat
около 9 лет назад

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

nvd логотип

CVE-2017-2580

CVSS3: 4.5
nvd
больше 7 лет назад

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

github логотип

GHSA-4fmc-9h9m-pc7f

CVSS3: 7.8
github
больше 3 лет назад

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

suse-cvrf логотип

openSUSE-SU-2019:1605-1

suse-cvrf
больше 6 лет назад

Security update for netpbm