Off-by-one buffer overflow in pnmtopng prior to 2.39, when using the -alpha command line option (Alphas_Of_Color), allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
greg roelofs pnmtopng 2.37.5 |
||
greg roelofs pnmtopng 2.37.6 |
||
greg roelofs pnmtopng 2.37.3 |
||
greg roelofs pnmtopng 2.37.4 |
||
greg roelofs pnmtopng 2.38 |