Vulnerability Details CVE-2003-0146
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
- http://marc.info/?l=bugtraq&m=104644687816522&w=2
- http://www.debian.org/security/2003/dsa-263
- http://www.kb.cert.org/vuls/id/630433
- http://www.redhat.com/support/errata/RHSA-2003-060.html
- http://www.securityfocus.com/bid/6979
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11463
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
- http://marc.info/?l=bugtraq&m=104644687816522&w=2
- http://www.debian.org/security/2003/dsa-263
- http://www.kb.cert.org/vuls/id/630433
- http://www.redhat.com/support/errata/RHSA-2003-060.html
- http://www.securityfocus.com/bid/6979
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11463