Vulnerability Description
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netpbm | Netpbm | <= 9.20 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
- http://marc.info/?l=bugtraq&m=104644687816522&w=2
- http://www.debian.org/security/2003/dsa-263PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/630433US Government Resource
- http://www.redhat.com/support/errata/RHSA-2003-060.html
- http://www.securityfocus.com/bid/6979
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11463
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
- http://marc.info/?l=bugtraq&m=104644687816522&w=2
- http://www.debian.org/security/2003/dsa-263PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/630433US Government Resource
- http://www.redhat.com/support/errata/RHSA-2003-060.html
- http://www.securityfocus.com/bid/6979
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11463
FAQ
What is CVE-2003-0146?
CVE-2003-0146 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as ...
How severe is CVE-2003-0146?
CVE-2003-0146 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0146?
Check the references section above for vendor advisories and patch information. Affected products include: Netpbm Netpbm.