CVE-2009-4274

EPSS 2.5%

netpbm-free - buffer overflow

Published: 2/12/2010Modified: 4/28/2026

Description

Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.

Affected packages (3)

Debian/netpbm-freefrom 0, < 2:10.0-12.2
Debian/netpbm-freefrom 0, < 2:10.0-12+lenny1
Debian/netpbm-freefrom 0, < 2:10.0-12.1+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-4274