Two buffer overflows were discovered in the ‘pnmtopng’ tool, which were triggered by processing an image with exactly 256 colors when using the -alpha option (CVE-2005-3662) or by processing a text file with very long lines when using the -text option (CVE-2005-3632).
A remote attacker could exploit these to execute arbitrary code by tricking an user or an automated system into processing a specially crafted PNM file with pnmtopng.
22 November 2005
A security issue affects these releases of Ubuntu and its derivatives:
Two buffer overflows were discovered in the ‘pnmtopng’ tool, which were triggered by processing an image with exactly 256 colors when using the -alpha option (CVE-2005-3662) or by processing a text file with very long lines when using the -text option (CVE-2005-3632).
A remote attacker could exploit these to execute arbitrary code by tricking an user or an automated system into processing a specially crafted PNM file with pnmtopng.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.